VMware vSphere 7.0 vCenter Appliance UI Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
vSphere UI log files must only be accessible by privileged users.
Log data is essential in the investigation of events. If log data were to become compromised, competent forensic analysis and discovery of the true source of potentially malicious system activity w...Rule Medium Severity -
vSphere UI application files must be verified for their integrity.
Verifying the vSphere UI application code is unchanged from its shipping state is essential for file validation and nonrepudiation of the vSphere UI. There is no reason the MD5 hash of the RPM orig...Rule Medium Severity -
vSphere UI must not be configured with the "UserDatabaseRealm" enabled.
The vSphere UI performs user authentication at the application level and not through Tomcat. By default, there is no configuration for the "UserDatabaseRealm" Tomcat authentication mechanism. To el...Rule Medium Severity -
vSphere UI must have Multipurpose Internet Mail Extensions (MIME) that invoke operating system shell programs disabled.
MIME mappings tell the vSphere UI what type of program various file types and extensions are and what external utilities or programs are needed to execute the file type. By ensuring various shell s...Rule Medium Severity -
vSphere UI must not have the Web Distributed Authoring (WebDAV) servlet installed.
WebDAV is an extension to the HTTP protocol that, when developed, was meant to allow users to create, change, and move documents on a server, typically a web server or web share. WebDAV is not wide...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules