VCEM-67-000030 - ESX Agent Manager must disable the shutdown port.

Information

An attacker has at least two reasons to stop a web server. The first is to cause a denial of service, and the second is to put in place changes the attacker made to the web server configuration. If the Tomcat shutdown port feature is enabled, a shutdown signal can be sent to the ESX Agent Manager through this port. To ensure availability, the shutdown port must be disabled.

Solution

Open /etc/vmware-eam/catalina.properties in a text editor.

Add or modify the setting 'base.shutdown.port=-1' in the 'catalina.properties' file.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y23M07_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-5, CAT|II, CCI|CCI-002385, Rule-ID|SV-239401r879806_rule, STIG-ID|VCEM-67-000030, Vuln-ID|V-239401

Plugin: Unix

Control ID: d4427a155d06a3ff0e9f721ad6a2b245bbe8449412b3de1efde669c0febb17e6