VCWN-06-000027 - The system must minimize access to the vCenter server.

Information

After someone has logged in to the vCenter Server system, it becomes more difficult to prevent what they can do. In general, logging in to the vCenter Server system should be limited to very privileged administrators, and then only for the purpose of administering vCenter Server or the host OS. Anyone logged in to the vCenter Server can potentially cause harm, either intentionally or unintentionally, by altering settings and modifying processes. They also have potential access to vCenter credentials, such as the SSL certificate.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Remove all unnecessary users and/or groups from the local administrators group of the vCenter server.

See Also

http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_vCenter_Server_for_Windows_V1R4_STIG.zip

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CAT|I, CCI|CCI-000366, Group-ID|V-63991, Rule-ID|SV-78481r1_rule, STIG-ID|VCWN-06-000027, Vuln-ID|V-63991

Plugin: VMware

Control ID: 7683bf0907361baf022f69814277d5c3e62d1c57b6f07e037e9f138dbe27ae97