UCF STIG Viewer Logo

The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239329 ESXI-67-000079 SV-239329r674916_rule Medium
Description
Warnings that local or remote shell sessions are enabled alert administrators to activity that they may not be aware of and need to investigate.
STIG Date
VMware vSphere 6.7 ESXi Security Technical Implementation Guide 2022-01-05

Details

Check Text ( C-42562r674914_chk )
From the vSphere Web Client, select the host and click Configure >> System >> Advanced System Settings.

Find the "UserVars.SuppressShellWarning" value and verify that it is set to the following:

0

If the value is not set as above or does not exist, this is a finding.

or

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning

If the value returned is not "0" or the setting does not exist, this is a finding.
Fix Text (F-42521r674915_fix)
From the vSphere Web Client, select the host and click Configure >> System >> Advanced System Settings.

Find the "UserVars.SuppressShellWarning" value and set it to the following:

0

or

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value "0"