UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The vCenter Server must enable all tasks to be shown to Administrators in the Web Client.


Overview

Finding ID Version Rule ID IA Controls Severity
V-243093 VCTR-67-000029 SV-243093r719522_rule Medium
Description
By default, not all tasks are shown in the Web Client to Administrators, and only that user's tasks will be shown. Enabling all tasks to be shown will allow the Administrator to potentially see any malicious activity they may miss with the view disabled.
STIG Date
VMware vSphere 6.7 vCenter Security Technical Implementation Guide 2021-04-16

Details

Check Text ( C-46368r719520_chk )
Note: For vCenter Server Windows, this is not applicable.

On the vCenter Server, execute the following command:

# grep "^show\.allusers\.tasks" /etc/vmware/vsphere-client/webclient.properties

Expected result:

show.allusers.tasks = true

If the output does not match the expected result, this is a finding.
Fix Text (F-46325r719521_fix)
Navigate to and open /etc/vmware/vsphere-client/webclient.properties. Remove any existing "show.allusers.tasks" line and add the following:

show.allusers.tasks = true