STIGQter: STIG Summary: VMware vSphere 6.7 ESXi Security Technical Implementation Guide, Version: 1, Release: 1, Benchmark Date: 09 Mar 2021

The ESXi host must not provide root/administrator-level access to CIM-based hardware monitoring tools or other third-party applications.

DISA Rule

SV-239323r674898_rule

Vulnerability Number

V-239323

Group Title

SRG-OS-000480-VMM-002000

Rule Version

ESXI-67-000070

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Create a role for the CIM account:

From the Host Client, go to Manage >> Security & Users.

Select "Roles" and click "Add Role".

Provide a name for the new role and select Host >> Cim >> Ciminteraction and click "Add".

Add a CIM user account:

From the Host Client, go to Manage >> Security & Users.

Select "Users" and click "Add User".

Provide a name, description, and password for the new user and click "Add".

Assign the CIM account permissions to the host with the new role:

From the Host Client, select the ESXi host, right-click, and go to "Permissions".

Click "Add User", select the CIM account from the drop-down list, select the new CIM role from the drop-down list, and click "Add User".

Check Contents

From the Host Client, select the ESXi host, right-click and go to "Permissions".

Verify the CIM account user role is limited to read only and CIM permissions.

If there is no dedicated CIM account and the root is used for CIM monitoring, this is a finding.

If write access is not required and the access level is not "read-only", this is a finding.
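The check above can also be scripted. The following PowerCLI sketch is an added example, not part of the STIG text; the host name and the CIM account name are placeholders, and it assumes a direct connection to the ESXi host with an administrative credential.

```powershell
# Added example; not part of the STIG text. Requires VMware PowerCLI.
$EsxiHost = 'esxi01.example.test'   # placeholder host name (assumption)
$CimUser  = 'cimmonitor'            # placeholder CIM account name (assumption)

# Privileges carried by a read-only role, plus Host >> Cim >> Ciminteraction.
$Allowed = @('System.Anonymous', 'System.Read', 'System.View',
             'Host.Cim.CimInteraction')

$server = Connect-VIServer -Server $EsxiHost -Credential (Get-Credential)
try {
    $findings = @()

    # A dedicated local account must exist for CIM monitoring.
    $account = Get-VMHostAccount -User -Id $CimUser -Server $server `
                                 -ErrorAction SilentlyContinue
    if (-not $account) {
        $findings += "No local account named '$CimUser' exists on the host."
    }

    # Collect every permission held by that account (strip any domain prefix).
    $perms = @(Get-VIPermission -Server $server |
               Where-Object { ($_.Principal -split '\\')[-1] -eq $CimUser })
    if ($perms.Count -eq 0) {
        $findings += "Account '$CimUser' has no permission assigned on the host."
    }

    # Each assigned role may hold read-only and CIM privileges, nothing more.
    foreach ($p in $perms) {
        $role  = Get-VIRole -Name $p.Role -Server $server
        $extra = @($role.PrivilegeList | Where-Object { $_ -notin $Allowed })
        if ($extra.Count -gt 0) {
            $findings += "Role '$($p.Role)' grants extra privileges: " +
                         ($extra -join ', ')
        }
    }

    if ($findings.Count -gt 0) {
        $findings | ForEach-Object { Write-Output "FINDING: $_" }
    } else {
        Write-Output "Not a finding: '$CimUser' is limited to read-only and CIM privileges."
    }
}
finally {
    Disconnect-VIServer -Server $server -Confirm:$false
}
```

The script cannot tell which credential the monitoring tool actually uses; confirm in the tool's own configuration that it does not log in as root.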

Documentable

False

Severity Override Guidance

Check Content Reference

M

Target Key

5326
