Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
VMware Horizon 7.13 Connection Server Security Technical Implementation Guide
SRG-APP-000033-AS-000024
SRG-APP-000033-AS-000024
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
SRG-APP-000033-AS-000024
1 Rule
<GroupDescription></GroupDescription>
The Horizon Connection Server administrators must be limited in terms of quantity, scope, and permissions.
Medium Severity
<VulnDiscussion>Role based access and least privilege are two fundamental security concepts that must be properly implemented in Horizon View to ensure the right user and groups have the right permissions on the right objects. Horizon View allows for assigning of roles (pre-defined sets of permissions) to specific users and groups and on a specific Access Group (set of objects). Administrators must ensure that minimal permissions are assigned to the right entities, in the right scope, and stay so over time. Satisfies: SRG-APP-000033-AS-000024, SRG-APP-000118-AS-000078, SRG-APP-000121-AS-000081, SRG-APP-000122-AS-000082, SRG-APP-000123-AS-000083, SRG-APP-000290-AS-000174, SRG-APP-000315-AS-000094, SRG-APP-000340-AS-000185, SRG-APP-000343-AS-000030</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>