Performance Charts must not be configured with unsupported realms.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-239411 | VCPF-67-000010 | SV-239411r674956_rule | Medium |
| Description |
|---|
| Performance Charts performs user authentication at the application level and not through Tomcat. Depending on the VCSA version, Performance Charts may come configured with a "UserDatabaseRealm". This should be removed as part of eliminating unnecessary features. |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 Perfcharts Tomcat Security Technical Implementation Guide | 2022-01-03 |
Details
| Check Text ( C-42644r674954_chk ) |
|---|
| At the command prompt, execute the following command: # grep UserDatabaseRealm /usr/lib/vmware-perfcharts/tc-instance/conf/server.xml If the command produces any output, this is a finding. |
| Fix Text (F-42603r674955_fix) |
|---|
| Navigate to and open /usr/lib/vmware-perfcharts/tc-instance/conf/server.xml. Remove the |