
vSphere Client plugins must be verified.


Overview

Finding ID: V-39564
Version: VCENTER-000029
Rule ID: SV-51422r1_rule
IA Controls: (none listed)
Severity: Medium
Description
The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, Web-based functionality. vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.
STIG: VMware vCenter Server Version 5 Security Technical Implementation Guide
Date: 2016-02-10

Details

Check Text (C-46789r2_chk)
Verify the vSphere Client used by administrators includes only authorized extensions from trusted sources:
From the vSphere Client, go to "Plug-ins >> Manage Plug-ins" and click the Installed Plug-ins tab. View the Installed/Available Plug-ins list and verify that each entry is identified as an authorized VMware, 3rd-party (Partner), and/or site-specific (locally developed and site-approved) plug-in.

If any Installed/Available plug-ins in the viewable list cannot be verified as vSphere Client plug-ins and/or authorized extensions from trusted sources, this is a finding.
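
The comparison in this check can be scripted against an approved baseline. The following is an added example, not part of the STIG: it assumes the plug-in inventory is available as records with a key, company and version (the field names match the vSphere API Extension object, for instance as returned by pyVmomi's content.extensionManager.extensionList), and every key, vendor name and the APPROVED baseline below are constructed sample values.

```python
from dataclasses import dataclass

# Site-maintained baseline: extension key -> expected vendor string.
# Constructed sample values; replace with the site's authorized list.
APPROVED = {
    "com.vmware.vim.eam": "VMware, Inc.",
    "com.example.backup": "Example Backup Corp",
}

@dataclass
class Extension:
    key: str
    company: str
    version: str

def from_vcenter(extension_list):
    """Adapt objects exposing .key/.company/.version (e.g. pyVmomi Extension)."""
    return [Extension(e.key, e.company or "", e.version or "") for e in extension_list]

def audit_extensions(installed, approved):
    """Return (key, reason) findings for plug-ins that cannot be verified."""
    findings = []
    for ext in installed:
        expected = approved.get(ext.key)
        if expected is None:
            findings.append((ext.key, "not on approved list"))
        elif ext.company.strip().lower() != expected.strip().lower():
            # Approved key with an unexpected vendor: treat as a possible
            # add-on masquerading under a trusted name.
            findings.append((ext.key, f"vendor mismatch: {ext.company!r}"))
    return findings

# Constructed sample inventory: one clean entry, one vendor mismatch,
# one extension that is not on the baseline at all.
SAMPLE = [
    Extension("com.vmware.vim.eam", "VMware, Inc.", "1.0"),
    Extension("com.example.backup", "Unknown Publisher", "2.1"),
    Extension("com.example.toolbar", "Example Tools", "0.9"),
]

if __name__ == "__main__":
    for key, reason in audit_extensions(SAMPLE, APPROVED):
        print(f"FINDING {key}: {reason}")
```

The key and company fields are declared by whoever registered the extension, so a match only shows that the inventory agrees with the baseline; the source of each plug-in still has to be verified as the check text requires.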
Fix Text (F-44577r2_fix)
Disable/remove all listed plug-ins that cannot be verified as distributed from trusted sources:
From the vSphere Client, connect to the vCenter Server.
On the menu bar, go to "Plug-ins >> Manage Plug-ins".
Under Installed Plug-ins, right-click the plug-in of choice and select Disable.