Skip to content

The vCenter Server user roles must be verified.

An XCCDF Rule

Description

<VulnDiscussion>Users and service accounts must only be assigned privileges they require. Least privilege requires that these privileges must only be assigned if needed to reduce risk of confidentiality, availability, or integrity loss. Satisfies: SRG-APP-000211, SRG-APP-000233, SRG-APP-000380</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID
SV-258921r934421_rule
Severity
Medium
References
Updated



Remediation - Manual Procedure

To update a user's or group's permissions to an existing role with reduced permissions, do the following:

From the vSphere Client, go to Administration >> Access Control >> Global Permissions.

Select the user or group, click the pencil button, change the assigned role, and click "OK".