Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The use of Linux-based clients must be restricted.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| VCENTER-000021 | VCENTER-000021 | VCENTER-000021_rule | Low |
| Description |
|---|
| Although SSL-based encryption is used to protect communication between client components and vCenter Server or ESXi, the Linux versions of these components do not perform certificate validation. Even if the self-signed certificates are replaced on vCenter and ESXi with legitimate certificates signed by the local root certificate authority or a third party, communications with Linux clients are still vulnerable to MiTM attacks. |
| STIG | Date |
|---|---|
| VMware vCenter Server Security Technical Implementation Guide | 2013-01-15 |
Details
| Check Text ( C-VCENTER-000021_chk ) |
|---|
| Verify all client operating systems connecting to the vCenter Server is not Linux. If any client operating system connecting to the vCenter Server is Linux-based, this is a finding. |
| Fix Text (F-VCENTER-000021_fix) |
|---|
| Replace all Linux-based clients connecting to the vCenter Server with non-Linux-based clients. |