Skip to content
Log In

VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The vCenter STS service cookies must have "http-only" flag set.

    Cookies are a common way to save session state over the HTTP(S) protocol. If attackers can compromise session data stored in a cookie, they are better able to launch an attack against the server an...
    Rule Medium Severity
    Show

  • SRG-APP-000033-AS-000024

    Group
    Show

  • SRG-APP-000141-AS-000095

    Group
    Show

  • The vCenter STS service shutdown port must be disabled.

    Tomcat by default listens on TCP port 8005 to accept shutdown requests. By connecting to this port and sending the SHUTDOWN command, all applications within Tomcat are halted. The shutdown port is ...
    Rule Medium Severity
    Show

  • SRG-APP-000141-AS-000095

    Group
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules