Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-63987 | VCWN-06-000025 | SV-78477r1_rule | Low |
Description |
---|
The managed object browser provides a way to explore the object model used by the vCenter to manage the vSphere environment; it enables configurations to be changed as well. This interface is used primarily for debugging, and might potentially be used to perform malicious configuration changes or actions. |
STIG | Date |
---|---|
VMware vSphere vCenter Server Version 6 Security Technical Implementation Guide | 2017-07-11 |
Check Text ( C-64739r2_chk ) |
---|
The Managed Object Browser (MOB) was designed to be used by SDK developers to assist in the development, programming, and debugging of objects. It is an inventory object, full-access interface, allowing attackers to determine the inventory path of an infrastructure's managed entities. Check the operational status of the MOB: Determine the location of the vpxd.cfg file on the vCenter Server's Windows OS host. Edit the file and locate the Ensure the following element is set. If the MOB is currently enabled, ask the SA if it is being used for object maintenance. If the enableDebugBrowse element is enabled (set to true), and object maintenance is not being performed, this is a finding. If the enableDebugBrowse element is enabled (set to true), and object maintenance is being performed, this is not a finding. |
Fix Text (F-69917r1_fix) |
---|
If the datastore browser is enabled and required for object maintenance, no fix is immediately required. Disable the managed object browser: Determine the location of the vpxd.cfg file on the Windows host. Edit the file and locate the Ensure the following element is set. Restart the vCenter Service to ensure the configuration file change(s) are in effect. |