Skip to content
Log In

VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000001-AS-000001

    Group
    Show

  • SRG-APP-000033-AS-000024

    Group
    Show

  • The vCenter STS service cookies must have secure flag set.

    The secure flag is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure flag is to prevent cookies from being...
    Rule Medium Severity
    Show

  • SRG-APP-000092-AS-000053

    Group
    Show

  • SRG-APP-000095-AS-000056

    Group
    Show

  • The vCenter STS service must produce log records containing sufficient information regarding event details.

    Remote access can be exploited by an attacker to compromise the server. By recording all remote access activities, it will be possible to determine the attacker's location, intent, and degree of su...
    Rule Medium Severity
    Show

  • SRG-APP-000118-AS-000078

    Group
    Show

  • The vCenter STS service logs folder permissions must be set correctly.

    Log data is essential in the investigation of events. The accuracy of the information is always pertinent. One of the first steps an attacker will take is the modification or deletion of log record...
    Rule Medium Severity
    Show

  • SRG-APP-000133-AS-000092

    Group
    Show

  • SRG-APP-000141-AS-000095

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules