
vSphere Client must limit the number of allowed connections.


Overview

Finding ID: V-239761
Version: VCFL-67-000020
Rule ID: SV-239761r679510_rule
IA Controls: (blank)
Severity: Medium
Description
Limiting the number of established connections to the vSphere Client is a basic denial-of-service protection. Servers where the limit is too high or unlimited can potentially run out of system resources and negatively affect system availability.
STIG: VMware vSphere 6.7 Virgo-Client Security Technical Implementation Guide
Date: 2021-03-18

Details

Check Text (C-42994r679508_chk)
At the command prompt, execute the following command:

# xmllint --format --xpath '/Server/Service/Connector/@acceptCount' /usr/lib/vmware-vsphere-client/server/configuration/tomcat-server.xml

Expected result:

acceptCount="300" acceptCount="300"

If the output does not match the expected result, this is a finding.
Fix Text (F-42953r679509_fix)
Navigate to and open /usr/lib/vmware-vsphere-client/server/configuration/tomcat-server.xml.

Configure each <Connector> node with the following:

acceptCount="300"
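
The check and fix above can be scripted per Connector, which also surfaces a Connector that has no acceptCount attribute at all (the XPath output simply omits it). This is an added example, not part of the STIG; the function names and the embedded sample XML are assumptions constructed for illustration.

```python
import xml.etree.ElementTree as ET

EXPECTED = "300"  # value required by the check text

# Constructed sample, not the real vSphere Client file: one compliant
# Connector, one with a different value, one with the attribute missing.
SAMPLE = """<Server>
  <Service name="Catalina">
    <Connector port="9090" protocol="HTTP/1.1" acceptCount="300"/>
    <Connector port="9443" protocol="HTTP/1.1" acceptCount="100"/>
    <Connector port="8009" protocol="AJP/1.3"/>
  </Service>
</Server>"""


def audit(xml_text, expected=EXPECTED):
    """Return (port, acceptCount or None, compliant) for every Connector."""
    root = ET.fromstring(xml_text)
    rows = []
    # Same path as the check's XPath: /Server/Service/Connector
    for conn in root.findall("./Service/Connector"):
        value = conn.get("acceptCount")  # None when the attribute is absent
        rows.append((conn.get("port"), value, value == expected))
    return rows


def is_finding(xml_text, expected=EXPECTED):
    """A finding exists if there is no Connector or any one is non-compliant."""
    rows = audit(xml_text, expected)
    return not rows or any(not ok for _, _, ok in rows)


def remediate(xml_text, expected=EXPECTED):
    """Set acceptCount on every Connector and return the new XML text.

    ElementTree drops comments and the XML declaration, so review the
    result before replacing a production tomcat-server.xml with it.
    """
    root = ET.fromstring(xml_text)
    for conn in root.findall("./Service/Connector"):
        conn.set("acceptCount", expected)
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    for port, value, ok in audit(SAMPLE):
        print(f"port={port} acceptCount={value} {'OK' if ok else 'FINDING'}")
    print("finding after fix:", is_finding(remediate(SAMPLE)))
```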