STIGQter STIGQter: STIG Summary: VMware vSphere 6.7 Virtual Machine Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

Unauthorized serial devices must be disconnected on the virtual machine.

DISA Rule

SV-239342r679575_rule

Vulnerability Number

V-239342

Group Title

SRG-OS-000480-VMM-002000

Rule Version

VMCH-67-000011

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

The VM must be powered off in order to remove a serial device.

From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Select the serial device and click the circle-x to remove then OK.

Check Contents

From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no serial devices exist.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match "serial"}

If a virtual machine has a serial device present, this is a finding.

Vulnerability Number

V-239342

Documentable

False

Rule Version

VMCH-67-000011

Severity Override Guidance

From the vSphere Web Client right-click the Virtual Machine and go to Edit Settings. Review the VMs hardware and verify no serial devices exist.

or

From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command:

Get-VM | Where {$_.ExtensionData.Config.Hardware.Device.DeviceInfo.Label -match "serial"}

If a virtual machine has a serial device present, this is a finding.

Check Content Reference

M

Target Key

5327

Comments