VCEM-67-000030 - ESX Agent Manager must disable the shutdown port.

Information

An attacker has at least two reasons to stop a web server. The first is to cause a denial of service, and the second is to put in place changes the attacker made to the web server configuration. If the Tomcat shutdown port feature is enabled, a shutdown signal can be sent to the ESX Agent Manager through this port. To ensure availability, the shutdown port must be disabled.

Solution

Open /etc/vmware-eam/catalina.properties in a text editor.

Add or modify the setting 'base.shutdown.port=-1' in the 'catalina.properties' file.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y22M10_STIG.zip

Item Details

References: CAT|II, CCI|CCI-002385, Rule-ID|SV-239401r674697_rule, STIG-ID|VCEM-67-000030, Vuln-ID|V-239401

Plugin: Unix

Control ID: 7cf1a11470686079d7b15d92db76986b4184fc23e0949ba402b033ca87c3ea54