VCST-67-000009 - The Security Token Service must only run one web app.

Information

VMware ships the Security Token Service on the VCSA with one web app, in ROOT.war. Any other .war file is potentially malicious and must be removed.

Solution

Connect to the PSC, whether external or embedded.

For each unexpected file returned in the check, run the following command:

# rm /usr/lib/vmware-sso/vmware-sts/webapps/<NAME>.war

Restart the service with the following command:

# service-control --restart vmware-stsd

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y23M07_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-5(3), CAT|II, CCI|CCI-001749, Rule-ID|SV-239660r879584_rule, STIG-ID|VCST-67-000009, Vuln-ID|V-239660

Plugin: Unix

Control ID: a690b42408e349f8ac95640d98ce375fef26c2b1c2ed83eefd764936adae1cca