UCF STIG Viewer Logo

VMware vSphere 6.7 Virtual Machine Security Technical Implementation Guide


Overview

Date Finding Count (24)
2022-01-04 CAT I (High): 0 CAT II (Med): 15 CAT III (Low): 9
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Classified)

Finding ID Severity Title
V-239347 Medium Unauthorized removal, connection and modification of devices must be prevented on the virtual machine.
V-239344 Medium Console connection sharing must be limited on the virtual machine.
V-239345 Medium Console access through the VNC protocol must be disabled on the virtual machine.
V-239342 Medium Unauthorized serial devices must be disconnected on the virtual machine.
V-239343 Medium Unauthorized USB devices must be disconnected on the virtual machine.
V-239341 Medium Unauthorized parallel devices must be disconnected on the virtual machine.
V-239348 Medium The virtual machine must not be able to obtain host information from the hypervisor.
V-242469 Medium Encryption must be enabled for vMotion on the virtual machine.
V-239339 Medium Unauthorized floppy devices must be disconnected on the virtual machine.
V-239338 Medium HGFS file transfers must be disabled on the virtual machine.
V-239337 Medium Independent, non-persistent disks must be not be used on the virtual machine.
V-239336 Medium Virtual disk erasure must be disabled on the virtual machine.
V-239335 Medium Virtual disk shrinking must be disabled on the virtual machine.
V-239352 Medium Use of the virtual machine console must be minimized.
V-239353 Medium The virtual machine guest operating system must be locked when the last console connection is closed.
V-239346 Low Informational messages from the virtual machine to the VMX file must be limited on the virtual machine.
V-239340 Low Unauthorized CD/DVD devices must be disconnected on the virtual machine.
V-239349 Low Shared salt values must be disabled on the virtual machine.
V-239333 Low Drag and drop operations must be disabled on the virtual machine.
V-239332 Low Copy operations must be disabled on the virtual machine.
V-239351 Low System administrators must use templates to deploy virtual machines whenever possible.
V-239350 Low Access to virtual machines through the dvfilter network APIs must be controlled.
V-239334 Low Paste operations must be disabled on the virtual machine.
V-239354 Low 3D features on the virtual machine must be disabled when not required.