UCF STIG Viewer Logo

Unauthorized floppy devices must be disconnected on the virtual machine.


Overview

Finding ID Version Rule ID IA Controls Severity
V-239339 VMCH-67-000008 SV-239339r679566_rule Medium
Description
Ensure that no device is connected to a virtual machine if it is not required. For example, floppy, serial and parallel ports are rarely used for virtual machines in a datacenter environment, and CD/DVD drives are usually connected only temporarily during software installation.
STIG Date
VMware vSphere 6.7 Virtual Machine Security Technical Implementation Guide 2022-01-04

Details

Check Text ( C-42572r679564_chk )
From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no floppy device is connected.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState

If a virtual machine has a floppy drive connected, this is a finding.
Fix Text (F-42531r679565_fix)
If the floppy drive is required to be present, then from the vSphere Client right-click the Virtual Machine and go to Edit Settings, make sure the drive is not connected and will not "Connect at power on".

If the floppy drive is not required, then from the vSphere Client power off the virtual machine, right-click the Virtual Machine and go to Edit Settings, select the floppy drive and click the circle-x to remove then OK.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM "VM Name" | Get-FloppyDrive | Remove-FloppyDrive