Information
The GuestStore feature facilitates the distribution of specific content to multiple guests. If not required, it is advisable to disable this plugin to minimize potential attack vectors. The parameter governing this behavior is gueststoreupgrade policy with a recommended setting of off.
Minimizing the attack surface by disabling unnecessary features is a prudent security measure. This control aids in reducing potential exposure points in the system.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Impact:
Deactivating Guest Store Upgrade operations may affect certain products and services within the VMware ecosystem that rely on this functionality, necessitating alternative configurations or methods to maintain required operational capabilities.