
The Security Token Service must only run one webapp.

An XCCDF Rule

Description

VMware ships the Security Token Service on the vCenter Server Appliance (VCSA) with one webapp, in "ROOT.war". Any other ".war" file is potentially malicious and must be removed. Satisfies: SRG-APP-000131-WSR-000073, SRG-APP-000141-WSR-000075

ID
SV-256753r889229_rule
Version
VCST-70-000009
Severity
Medium

Remediation Templates

A Manual Procedure

For each unexpected file returned in the check, run the following command: 
 
# rm /usr/lib/vmware-sso/vmware-sts/webapps/<NAME>.war 
 
Restart the service with the following command: 
 
# vmon-cli --restart sts
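
A read-only way to list the unexpected files before removing anything, as an added example that is not part of the STIG rule or VMware's tooling. The function name `unexpected_wars` is hypothetical, the default directory is the one in the remediation command above, and matching the `.war` extension in any letter case is a conservative assumption.

```shell
#!/bin/sh
# Added example: report .war files in the STS webapps directory other than
# ROOT.war. It only lists; removal stays a deliberate manual step.

# Default taken from the path used in the remediation command on this page.
WEBAPPS_DEFAULT=/usr/lib/vmware-sso/vmware-sts/webapps

# unexpected_wars [DIR]
#   Prints one path per line for every entry directly inside DIR whose name
#   ends in .war (any letter case, a conservative assumption) and is not
#   exactly ROOT.war. Symlinks and directories with such names are listed too.
#   Return codes: 0 = only ROOT.war (or no .war at all), 1 = unexpected
#   entries found, 2 = DIR is missing or unreadable.
#   Uses find -maxdepth and -iname, available in GNU and BSD find.
unexpected_wars() {
    dir=${1:-$WEBAPPS_DEFAULT}
    if [ ! -d "$dir" ] || [ ! -r "$dir" ]; then
        echo "cannot read directory: $dir" >&2
        return 2
    fi
    found=$(find "$dir" -maxdepth 1 -iname '*.war' ! -name 'ROOT.war' -print)
    if [ -z "$found" ]; then
        return 0
    fi
    printf '%s\n' "$found"
    return 1
}

# Usage on the appliance (as root):
#   unexpected_wars && echo "compliant" || echo "review the paths listed above"
```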