UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VMware vSphere 6.7 Virtual Machine Security Technical Implementation Guide


Overview

Date Finding Count (24)
2021-04-16 CAT I (High): 0 CAT II (Med): 15 CAT III (Low): 9
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-239347 Medium Unauthorized removal, connection and modification of devices must be prevented on the virtual machine.
V-239344 Medium Console connection sharing must be limited on the virtual machine.
V-239345 Medium Console access through the VNC protocol must be disabled on the virtual machine.
V-239342 Medium Unauthorized serial devices must be disconnected on the virtual machine.
V-239343 Medium Unauthorized USB devices must be disconnected on the virtual machine.
V-239341 Medium Unauthorized parallel devices must be disconnected on the virtual machine.
V-239348 Medium The virtual machine must not be able to obtain host information from the hypervisor.
V-242469 Medium Encryption must be enabled for vMotion on the virtual machine.
V-239339 Medium Unauthorized floppy devices must be disconnected on the virtual machine.
V-239338 Medium HGFS file transfers must be disabled on the virtual machine.
V-239337 Medium Independent, non-persistent disks must be not be used on the virtual machine.
V-239336 Medium Virtual disk erasure must be disabled on the virtual machine.
V-239335 Medium Virtual disk shrinking must be disabled on the virtual machine.
V-239352 Medium Use of the virtual machine console must be minimized.
V-239353 Medium The virtual machine guest operating system must be locked when the last console connection is closed.
V-239346 Low Informational messages from the virtual machine to the VMX file must be limited on the virtual machine.
V-239340 Low Unauthorized CD/DVD devices must be disconnected on the virtual machine.
V-239349 Low Shared salt values must be disabled on the virtual machine.
V-239333 Low Drag and drop operations must be disabled on the virtual machine.
V-239332 Low Copy operations must be disabled on the virtual machine.
V-239351 Low System administrators must use templates to deploy virtual machines whenever possible.
V-239350 Low Access to virtual machines through the dvfilter network APIs must be controlled.
V-239334 Low Paste operations must be disabled on the virtual machine.
V-239354 Low 3D features on the virtual machine must be disabled when not required.