The vCenter Server must enable all tasks to be shown to Administrators in the Web Client.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-243093 | VCTR-67-000029 | SV-243093r719522_rule | Medium |
| Description |
|---|
| By default, not all tasks are shown in the Web Client to Administrators, and only that user's tasks will be shown. Enabling all tasks to be shown will allow the Administrator to potentially see any malicious activity they may miss with the view disabled. |
| STIG | Date |
|---|---|
| VMware vSphere 6.7 vCenter Security Technical Implementation Guide | 2022-09-09 |
Details
| Check Text ( C-46368r719520_chk ) |
|---|
| Note: For vCenter Server Windows, this is not applicable. On the vCenter Server, execute the following command: # grep "^show\.allusers\.tasks" /etc/vmware/vsphere-client/webclient.properties Expected result: show.allusers.tasks = true If the output does not match the expected result, this is a finding. |
| Fix Text (F-46325r719521_fix) |
|---|
| Navigate to and open /etc/vmware/vsphere-client/webclient.properties. Remove any existing "show.allusers.tasks" line and add the following: show.allusers.tasks = true |