STIGQter: STIG Summary: VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

tc Server UI must use NSA Suite A cryptography when encrypting data that must be compartmentalized.

DISA Rule

SV-99717r1_rule

Vulnerability Number

V-89067

Group Title

SRG-APP-000416-WSR-000118

Rule Version

VROM-TC-000860

Severity

CAT II

CCI(s)

• CCI-002450 - The information system implements organization-defined cryptographic uses and type of cryptography required for each use in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards.

Weight

10

Fix Recommendation

If the system is not implemented to process compartmentalized information, this requirement is Not Applicable.

Navigate to and open /usr/lib/vmware-vcops/tomcat-web-app/conf/catalina.properties.

Navigate to the “vmware-ssl.ssl.ciphers.list” setting.

Configure "vmware-ssl.ssl.ciphers.list" with a list of NSA Suite A ciphers.

Check Contents

If the system is not implemented to process compartmentalized information, this requirement is Not Applicable.

At the command prompt, execute the following command:

grep vmware-ssl.ssl.ciphers.list /usr/lib/vmware-vcops/tomcat-web-app/conf/catalina.properties

If the value of "vmware-ssl.ssl.ciphers.list" does not match the list of NSA Suite A ciphers or is missing, this is a finding.

Vulnerability Number

V-89067

Documentable

False

Rule Version

VROM-TC-000860

Severity Override Guidance

If the system is not implemented to process compartmentalized information, this requirement is Not Applicable.

At the command prompt, execute the following command:

grep vmware-ssl.ssl.ciphers.list /usr/lib/vmware-vcops/tomcat-web-app/conf/catalina.properties

If the value of "vmware-ssl.ssl.ciphers.list" does not match the list of NSA Suite A ciphers or is missing, this is a finding.

Check Content Reference

M

Target Key

3441

Comments