UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VMware vSphere 6.5 Virtual Machine Security Technical Implementation Guide


Overview

Date Finding Count (39)
2021-09-22 CAT I (High): 0 CAT II (Med): 15 CAT III (Low): 24
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via e-mail to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-237095 Medium Unauthorized removal, connection and modification of devices must be prevented on the virtual machine.
V-237096 Medium The virtual machine must not be able to obtain host information from the hypervisor.
V-237090 Medium Unauthorized serial devices must be disconnected on the virtual machine.
V-237091 Medium Unauthorized USB devices must be disconnected on the virtual machine.
V-237092 Medium Console connection sharing must be limited on the virtual machine.
V-237093 Medium Console access through the VNC protocol must be disabled on the virtual machine.
V-237072 Medium HGFS file transfers must be disabled on the virtual machine.
V-237070 Medium Virtual disk erasure must be disabled on the virtual machine.
V-237071 Medium Independent, non-persistent disks must be not be used on the virtual machine.
V-237089 Medium Unauthorized parallel devices must be disconnected on the virtual machine.
V-237087 Medium Unauthorized floppy devices must be disconnected on the virtual machine.
V-237069 Medium Virtual disk shrinking must be disabled on the virtual machine.
V-237103 Medium Encryption must be enabled for vMotion on the virtual machine.
V-237100 Medium Use of the virtual machine console must be minimized.
V-237101 Medium The virtual machine guest operating system must be locked when the last console connection is closed.
V-237098 Low Access to virtual machines through the dvfilter network APIs must be controlled.
V-237099 Low System administrators must use templates to deploy virtual machines whenever possible.
V-237094 Low Informational messages from the virtual machine to the VMX file must be limited on the virtual machine.
V-237097 Low Shared salt values must be disabled on the virtual machine.
V-237078 Low The unexposed feature keyword isolation.tools.ghi.trayicon.disable must be set on the virtual machine.
V-237079 Low The unexposed feature keyword isolation.tools.unity.disable must be set on the virtual machine.
V-237076 Low The unexposed feature keyword isolation.tools.ghi.protocolhandler.info.disable must be set on the virtual machine.
V-237077 Low The unexposed feature keyword isolation.ghi.host.shellAction.disable must be set on the virtual machine.
V-237074 Low The unexposed feature keyword isolation.tools.ghi.launchmenu.change must be set on the virtual machine.
V-237075 Low The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set on the virtual machine.
V-237073 Low The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set on the virtual machine.
V-237088 Low Unauthorized CD/DVD devices must be disconnected on the virtual machine.
V-237086 Low The unexposed feature keyword isolation.tools.guestDnDVersionSet.disable must be set on the virtual machine.
V-237085 Low The unexposed feature keyword isolation.tools.vmxDnDVersionGet.disable must be set on the virtual machine.
V-237084 Low The unexposed feature keyword isolation.tools.unity.windowContents.disable must be set on the virtual machine.
V-237083 Low The unexposed feature keyword isolation.tools.unityActive.disable must be set on the virtual machine.
V-237082 Low The unexposed feature keyword isolation.tools.unity.taskbar.disable must be set on the virtual machine.
V-237081 Low The unexposed feature keyword isolation.tools.unity.push.update.disable must be set on the virtual machine.
V-237080 Low The unexposed feature keyword isolation.tools.unityInterlockOperation.disable must be set on the virtual machine.
V-237065 Low Copy operations must be disabled on the virtual machine.
V-237067 Low GUI functionality for copy/paste operations must be disabled on the virtual machine.
V-237066 Low Drag and drop operations must be disabled on the virtual machine.
V-237068 Low Paste operations must be disabled on the virtual machine.
V-237102 Low 3D features on the virtual machine must be disabled when not required.