UCF STIG Viewer Logo

tc Server UI must be configured to use the https scheme.


Overview

Finding ID Version Rule ID IA Controls Severity
V-89031 VROM-TC-000740 SV-99681r1_rule Medium
Description
Remote access to the web server is any access that communicates through an external, non-organization-controlled network. Remote access can be used to access hosted applications or to perform management functions. tc Server connections are managed by the Connector object class. By configuring external Connector objects to use the HTTPS scheme, vROps's information in flight will be protected.
STIG Date
VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide 2018-10-12

Details

Check Text ( C-88723r1_chk )
Navigate to and open /usr/lib/vmware-vcops/tomcat-web-app/conf/server.xml.

Navigate to each of the nodes.

If the value of “scheme” is not set to “https” or is missing, this is a finding.
Fix Text (F-95773r1_fix)
Navigate to and open /usr/lib/vmware-vcops/tomcat-web-app/conf/server.xml.

Navigate to each of the nodes.

Configure each with the value 'scheme="https"'