The vCenter Server must limit the use of the built-in SSO administrative account.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-243080 | VCTR-67-000010 | SV-243080r719483_rule | Medium |
| Description |
|---|
| Use of the SSO administrator account should be limited as it is a shared account and individual accounts must be used wherever possible. |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 vCenter Security Technical Implementation Guide | 2022-09-09 |
Details
| Check Text ( C-46355r719481_chk ) |
|---|
| Verify the built-in SSO administrator account is only used for emergencies and situations where it is the only option due to permissions. If the built-in SSO administrator account is used for daily operations or there is no policy restricting its use, this is a finding. |
| Fix Text (F-46312r719482_fix) |
|---|
| Develop a policy to limit the use of the built-in SSO administrator account. |