The vCenter UI service must be configured to limit data exposure between applications.

An XCCDF Rule

Description

<VulnDiscussion>If RECYCLE_FACADES is true or if a security manager is in use, a new facade object will be created for each request. This reduces the chances that a bug in an application might expose data from one request to another.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-259112r935240_rule
Severity: Medium
References: CCI-001664
Updated: 8 months ago

Navigate to and open:

/usr/lib/vmware-vsphere-ui/server/conf/catalina.properties

Update or remove the following line:
org.apache.catalina.connector.RECYCLE_FACADES=true

Restart the service with the following command:

# vmon-cli --restart vsphere-ui

The vCenter UI service must be configured to limit data exposure between applications.

Description

Remediation - Manual Procedure