The Web datastore browser must be disabled, unless required for normal day-to-day operations.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-39546 | VCENTER-000006 | SV-51404r2_rule | Low |
| Description |
|---|
| The Web datastore browser enables viewing of all the datastores associated with the vSphere deployment, including all folders and files, such as VM files. This functionality is controlled by the organization-specific, user permissions on vCenter Server. |
| STIG | Date |
|---|---|
| VMware vCenter Server Version 5 Security Technical Implementation Guide | 2014-11-10 |
Details
| Check Text ( C-46771r3_chk ) |
|---|
| If the Web datastore browser is required for normal, daily operational tasks, this check is not applicable. Verify the Web datastore browser is disabled: Determine the location of the vpxd.cfg file on the vCenter Server's Windows OS host. Edit the file and locate the Ensure the following element is set. If the Web datastore browser is not disabled, this is a finding. |
| Fix Text (F-44559r3_fix) |
|---|
| If the Web datastore browser is enabled and required for normal, daily operational tasks, no fix is required. Disable the Web datastore browser: Determine the location of the vpxd.cfg file on the Windows host. Edit the file and locate the Ensure the following element is set Restart the vCenter Service to ensure the config file change(s) are in effect. |