Skip to content
Log In

VMware vSphere 7.0 vCenter Appliance Lookup Service Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000141-WSR-000083

    Group
    Show

  • Lookup Service must have mappings set for Java servlet pages.

    Resource mapping is the process of tying a particular file type to a process in the web server that can serve that type of file to a requesting client and identify which file types are not to be de...
    Rule Medium Severity
    Show

  • SRG-APP-000141-WSR-000085

    Group
    Show

  • Lookup Service must not have the Web Distributed Authoring (WebDAV) servlet installed.

    WebDAV is an extension to the HTTP protocol that, when developed, was meant to allow users to create, change, and move documents on a server, typically a web server or web share. WebDAV is not wide...
    Rule Medium Severity
    Show

  • SRG-APP-000141-WSR-000086

    Group
    Show

  • Lookup Service must be configured with memory leak protection.

    The Java Runtime environment can cause a memory leak or lock files under certain conditions. Without memory leak protection, Lookup Service can continue to consume system resources, which will lead...
    Rule Medium Severity
    Show

  • SRG-APP-000141-WSR-000087

    Group
    Show

  • Lookup Service must not have any symbolic links in the web content directory tree.

    A web server is designed to deliver content and execute scripts or applications on the request of a client or user. Containing user requests to files in the directory tree of the hosted web applica...
    Rule Medium Severity
    Show

  • SRG-APP-000211-WSR-000030

    Group
    Show

  • SRG-APP-000225-WSR-000140

    Group
    Show

  • Lookup Service must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.

    Determining a safe state for failure and weighing that against a potential denial of service for users depends on what type of application the web server is hosting. For the Lookup Service, it is p...
    Rule Medium Severity
    Show

  • SRG-APP-000246-WSR-000149

    Group
    Show

  • Lookup Service must limit the number of allowed connections.

    Limiting the number of established connections is a basic denial-of-service protection and a best practice. Servers where the limit is too high or unlimited could run out of system resources and ne...
    Rule Medium Severity
    Show

  • SRG-APP-000251-WSR-000157

    Group
    Show

  • SRG-APP-000266-WSR-000142

    Group
    Show

  • Lookup Service must set the welcome-file node to a default web page.

    Enumeration techniques, such as URL parameter manipulation, rely on being able to obtain information about the web server's directory structure by locating directories without default pages. In thi...
    Rule Medium Severity
    Show

  • SRG-APP-000266-WSR-000142

    Group
    Show

  • SRG-APP-000266-WSR-000159

    Group
    Show

  • SRG-APP-000266-WSR-000159

    Group
    Show

  • Lookup Service must be configured to show error pages with minimal information.

    Web servers will often display error messages to client users, including enough information to aid in the debugging of the error. The information given back in error messages may display the web se...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules