Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
tc Server VCAC must be built to fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-240817 | VRAU-TC-000565 | SV-240817r879640_rule | Medium |
| Description |
|---|
| Determining a safe state for failure and weighing that against a potential DoS for users depends on what type of application the web server is hosting. For an application presenting publicly available information that is not critical, a safe state for failure might be to shut down for any type of failure; but for an application that presents critical and timely information, a shutdown might not be the best state for all failures. Performing a proper risk analysis of the hosted applications and configuring the web server according to what actions to take for each failure condition will provide a known fail safe state for the web server. The VMware engineering process includes regression testing of new and modified components before they become part of the production build process. |
| STIG | Date |
|---|---|
| VMware vRealize Automation 7.x tc Server Security Technical Implementation Guide | 2023-10-03 |
Details
| Check Text ( C-44050r674193_chk ) |
|---|
| At the command line, execute the following command: grep EXIT_ON_INIT_FAILURE /etc/vcac/catalina.properties If the "org.apache.catalina.startup.EXIT_ON_INIT_FAILURE" setting is not set to "true" or is missing, this is a finding. |
| Fix Text (F-44009r674194_fix) |
|---|
| Navigate to and open /etc/vcac/catalina.properties. Configure the setting "org.apache.catalina.startup.EXIT_ON_INIT_FAILURE" with the value "true". Note: The word "true" should not be surrounded with any quote characters. |