VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000141-WSR-000081
Group -
SRG-APP-000141-WSR-000083
Group -
The vCenter VAMI service must have resource mappings set to disable the serving of certain file types.
Resource mapping is the process of tying a particular file type to a process in the web server that can serve that type of file to a requesting client and to identify which file types are not to be...Rule Medium Severity -
SRG-APP-000141-WSR-000085
Group -
The vCenter VAMI service must have Web Distributed Authoring (WebDAV) disabled.
A web server can be installed with functionality that, by its nature, is not secure. WebDAV is an extension to the HTTP protocol that, when developed, was meant to allow users to create, change, an...Rule Medium Severity -
SRG-APP-000141-WSR-000086
Group -
The vCenter VAMI service must protect system resources and privileged operations from hosted applications.
Most of the attention to denial-of-service (DoS) attacks focuses on ensuring that systems and applications are not victims of these attacks. However, these systems and applications must also be sec...Rule Medium Severity -
SRG-APP-000176-WSR-000096
Group -
The vCenter VAMI service must restrict access to the web server's private key.
The web server's private key is used to prove the identity of the server to clients and securely exchange the shared secret key used to encrypt communications between the web server and clients. By...Rule Medium Severity -
SRG-APP-000179-WSR-000111
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.