Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
Performance Charts must not be configured with unsupported realms.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-256620 | VCPF-70-000010 | SV-256620r888351_rule | Medium |
| Description |
|---|
| Performance Charts performs user authentication at the application level and not through Tomcat. Depending on the vCenter Server Appliance (VCSA) version, Performance Charts may come configured with a "UserDatabaseRealm". This should be removed as part of eliminating unnecessary features. |
| STIG | Date |
|---|---|
| VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation Guide | 2023-02-21 |
Details
| Check Text ( C-60295r888349_chk ) |
|---|
| At the command prompt, run the following command: # grep UserDatabaseRealm /usr/lib/vmware-perfcharts/tc-instance/conf/server.xml If the command produces any output, this is a finding. |
| Fix Text (F-60238r888350_fix) |
|---|
| Navigate to and open: /usr/lib/vmware-perfcharts/tc-instance/conf/server.xml Remove the Restart the service with the following command: # vmon-cli --restart perfcharts |