STIGQter STIGQter: STIG Summary: VMware vSphere 6.5 Virtual Machine Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 25 Oct 2019: Unauthorized floppy devices must be disconnected on the virtual machine.

DISA Rule

SV-104443r1_rule

Vulnerability Number

V-94613

Group Title

SRG-OS-000480-VMM-002000

Rule Version

VMCH-65-000028

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

If the floppy drive is required to be present, then from the vSphere Client right-click the Virtual Machine and go to Edit Settings, make sure the drive is not connected and will not "Connect at power on".

If the floppy drive is not required, then from the vSphere Client power off the virtual machine, right-click the Virtual Machine and go to Edit Settings, select the floppy drive and click the circle-x to remove then OK.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM "VM Name" | Get-FloppyDrive | Remove-FloppyDrive

Check Contents

From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no floppy device is connected.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState

If a virtual machine has a floppy drive connected, this is a finding.

Vulnerability Number

V-94613

Documentable

False

Rule Version

VMCH-65-000028

Severity Override Guidance

From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no floppy device is connected.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState

If a virtual machine has a floppy drive connected, this is a finding.

Check Content Reference

M

Target Key

3489

Comments