Information
If the remote connection is not closed and verified as closed, the session may remain open and be exploited by an attacker; this is referred to as a zombie session. Remote connections must be disconnected and verified as disconnected when nonlocal maintenance sessions have been terminated and are no longer available for use.
Satisfies: SRG-OS-000395-GPOS-00175, SRG-OS-000074-GPOS-00042, SRG-OS-000112-GPOS-00057, SRG-OS-000113-GPOS-00058, SRG-OS-000120-GPOS-00061, SRG-OS-000125-GPOS-00065, SRG-OS-000425-GPOS-00189, SRG-OS-000426-GPOS-00190
Solution
Installing openssh manually is not supported by VMware. Revert to a previous backup or redeploy the VCSA.
Item Details
References: CAT|II, CCI|CCI-000197, CCI|CCI-000803, CCI|CCI-000877, CCI|CCI-001941, CCI|CCI-001942, CCI|CCI-002420, CCI|CCI-002422, CCI|CCI-002891, Rule-ID|SV-239139r856057_rule, STIG-ID|PHTN-67-000068, Vuln-ID|V-239139
Control ID: de47c9bffbb17f4af63e3f088c0b312f6bab86edef8796e2214aa2a61fcdc376