The Horizon Connection Server must protect log files from unauthorized access.
An XCCDF Rule
Description
<VulnDiscussion>Error logs can contain sensitive information about system errors and system architecture that need to be protected from unauthorized access and modification. By default, Horizon Connection Server logs are only accessible by local windows Administrators. This configuration must be verified and maintained.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-246895r768645_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
On the Horizon Connection Server, navigate to "C:\ProgramData\VMware\VDM". Right-click the "logs" folder and select "Properties". Change to the "Security" tab. Click "Edit…". Highlight any groups or users that are not built-in system administrative accounts or the local "Administrators" group. Click "Remove". Click "OK". Click "OK".