UCF STIG Viewer Logo

The system must disable the datastore browser.


Overview

Finding ID Version Rule ID IA Controls Severity
VCENTER-000006 VCENTER-000006 VCENTER-000006_rule Low
Description
The datastore browser enables viewing of all the datastores associated with the vSphere deployment, including all folders and files, such as VM files. This functionality is controlled by the site-specific, user permissions on vCenter Server.
STIG Date
VMware vCenter Server Security Technical Implementation Guide 2013-01-15

Details

Check Text ( C-VCENTER-000006_chk )
Verify the datastore browser is disabled:
Determine the location of the vpxd.cfg file on the vCenter Server's Windows OS host.
Edit the file and locate the element.
Ensure that the following element is set. false

If the enableHttpDatastoreAccess element is set to true, this is a finding.
Fix Text (F-VCENTER-000006_fix)
Disable the datastore browser:
Determine the location of the vpxd.cfg file on the Windows host.
Edit the file and locate the ... element.
Ensure that the following element is set false

Restart the vCenter Service to ensure the config file change(s) are in effect.