VCUI-67-000029 - vSphere UI must disable the shutdown port - vsphere-ui.json

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

An attacker has at least two reasons to stop a web server. The first is to cause a denial of service, and the second is to put in place changes the attacker made to the web server configuration. If the Tomcat shutdown port feature is enabled, a shutdown signal can be sent to vSphere UI through this port. To ensure availability, the shutdown port must be disabled.

Solution

Navigate to and open /usr/lib/vmware-vsphere-ui/server/conf/server.xml.

Make sure that the server port is disabled:

<Server port='${shutdown.port}' ...>

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_Y22M10_STIG.zip

Item Details

References: CAT|II, CCI|CCI-002385, Rule-ID|SV-239710r679236_rule, STIG-ID|VCUI-67-000029, Vuln-ID|V-239710

Plugin: Unix

Control ID: 7c6856ab61d93a09c6636a1b75afb724ef4f19100f611c92a27656f96adc93ea