STIGQter: STIG Summary: VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vAMI must use approved versions of TLS.

DISA Rule

SV-100905r1_rule

Vulnerability Number

V-90255

Group Title

SRG-APP-000439-AS-000155

Rule Version

VRAU-VA-000565

Severity

CAT II

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.

Configure the lighttpd.conf file with the following two values:
'ssl.use-sslv2 = "disable"'
'ssl.use-sslv3 = "disable"'

Note: Both values must be present.

Check Contents

At the command prompt, execute the following command:

grep ssl.use-sslv /opt/vmware/etc/lighttpd/lighttpd.conf

If the value of "ssl.use-sslv2" and "ssl.use-sslv3" are not "disable", this is a finding.

Vulnerability Number

V-90255

Documentable

False

Rule Version

VRAU-VA-000565

Severity Override Guidance

At the command prompt, execute the following command:

grep ssl.use-sslv /opt/vmware/etc/lighttpd/lighttpd.conf

If the value of "ssl.use-sslv2" and "ssl.use-sslv3" are not "disable", this is a finding.

Check Content Reference

M

Target Key

3449

Comments