Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The vCenter Server must limit the use of the built-in SSO administrative account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-243080 | VCTR-67-000010 | SV-243080r719483_rule | Medium |
| Description |
|---|
| Use of the SSO administrator account should be limited as it is a shared account and individual accounts must be used wherever possible. |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 vCenter Security Technical Implementation Guide | 2022-01-04 |
Details
| Check Text ( C-46355r719481_chk ) |
|---|
| Verify the built-in SSO administrator account is only used for emergencies and situations where it is the only option due to permissions. If the built-in SSO administrator account is used for daily operations or there is no policy restricting its use, this is a finding. |
| Fix Text (F-46312r719482_fix) |
|---|
| Develop a policy to limit the use of the built-in SSO administrator account. |