STIGQter STIGQter: STIG Summary: VMware vSphere 6.7 vCenter Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

The vCenter Server Administrator role must be secured and assigned to specific users other than a Windows Administrator.

DISA Rule

SV-243131r719636_rule

Vulnerability Number

V-243131

Group Title

SRG-APP-000516

Rule Version

VCTR-67-000076

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Under the computer management console for windows view the local administrators group and remove any users or groups that do not fit the criteria defined in the check content.

Check Contents

Note: For vCenter Server Appliance, this is not applicable.

If enhanced linked mode is used then local windows authentication is not available to vCenter, this is not applicable.

Under the computer management console for windows view the local administrators group and verify only vCenter administrators have access to the vCenter server.

Other groups and users that are not vCenter administrators should be removed from the local administrators group such as Domain Admins.

If there are any groups or users present in the local administrators group of the vCenter server, this is a finding.

Vulnerability Number

V-243131

Documentable

False

Rule Version

VCTR-67-000076

Severity Override Guidance

Note: For vCenter Server Appliance, this is not applicable.

If enhanced linked mode is used then local windows authentication is not available to vCenter, this is not applicable.

Under the computer management console for windows view the local administrators group and verify only vCenter administrators have access to the vCenter server.

Other groups and users that are not vCenter administrators should be removed from the local administrators group such as Domain Admins.

If there are any groups or users present in the local administrators group of the vCenter server, this is a finding.

Check Content Reference

M

Target Key

5399

Comments