STIGQter STIGQter: STIG Summary: VMware vSphere 6.7 vCenter Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

The vCenter Server services must be ran using a service account instead of a built-in Windows account.

DISA Rule

SV-243127r719624_rule

Vulnerability Number

V-243127

Group Title

SRG-APP-000516

Rule Version

VCTR-67-000072

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

For each of the following services open the services console on the vCenter server and right-click, select "Properties" on the service. Go to the "Log On" tab and configure the service to run as a service account and restart the service.

VMware Content Library Service
VMware Inventory Service
VMware Performance Charts
VMware VirtualCenter Server

Check Contents

Note: For vCenter Server Appliance, this is not applicable.

The following services should be set to run as a service account:

VMware Content Library Service
VMware Inventory Service
VMware Performance Charts
VMware VirtualCenter Server

vCenter should be installed using the service account as that will configure the services appropriately.

If vCenter is not installed with a service account, this is a finding.

If the services identified in this control are not running as a service account, this is a finding.

Vulnerability Number

V-243127

Documentable

False

Rule Version

VCTR-67-000072

Severity Override Guidance

Note: For vCenter Server Appliance, this is not applicable.

The following services should be set to run as a service account:

VMware Content Library Service
VMware Inventory Service
VMware Performance Charts
VMware VirtualCenter Server

vCenter should be installed using the service account as that will configure the services appropriately.

If vCenter is not installed with a service account, this is a finding.

If the services identified in this control are not running as a service account, this is a finding.

Check Content Reference

M

Target Key

5399

Comments