STIGQter STIGQter: STIG Summary:

VMware vSphere 6.7 EAM Tomcat Security Technical Implementation Guide

Version: 1

Release: 1 Benchmark Date: 09 Mar 2021

SV-239372r674610_ruleESX Agent Manager must limit the amount of time that each TCP connection is kept alive.
SV-239373r674613_ruleESX Agent Manager must limit the number of concurrent connections permitted.
SV-239374r674616_ruleESX Agent Manager must limit the maximum size of a POST request.
SV-239375r674619_ruleESX Agent Manager must protect cookies from XSS.
SV-239376r674700_ruleESX Agent Manager must record user access in a format that enables monitoring of remote access.
SV-239377r674625_ruleESX Agent Manager must generate log records for system startup and shutdown.
SV-239378r674628_ruleESX Agent Manager log files must only be modifiable by privileged users.
SV-239379r674631_ruleESX Agent Manager application files must be verified for their integrity.
SV-239380r674634_ruleESX Agent Manager must only run one webapp.
SV-239381r674637_ruleESX Agent Manager must not be configured with unsupported realms.
SV-239382r674640_ruleESX Agent Manager must be configured to limit access to internal packages.
SV-239383r674643_ruleESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.
SV-239384r674646_ruleESX Agent Manager must have mappings set for Java servlet pages.
SV-239385r674649_ruleESX Agent Manager must not have the Web Distributed Authoring (WebDAV) servlet installed.
SV-239386r674652_ruleESX Agent Manager must be configured with memory leak protection.
SV-239387r674655_ruleESX Agent Manager must not have any symbolic links in the web content directory tree.
SV-239388r674658_ruleESX Agent Manager directory tree must have permissions in an "out-of-the box" state.
SV-239389r674661_ruleESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
SV-239390r674664_ruleESX Agent Manager must limit the number of allowed connections.
SV-239391r674667_ruleESX Agent Manager must set "URIEncoding" to UTF-8.
SV-239392r674670_ruleESX Agent Manager must use the "setCharacterEncodingFilter" filter.
SV-239393r674673_ruleESX Agent Manager must set the welcome-file node to a default web page.
SV-239394r674676_ruleESX Agent Manager must not show directory listings.
SV-239395r674679_ruleESX Agent Manager must be configured to show error pages with minimal information.
SV-239396r717040_ruleESX Agent Manager must not enable support for TRACE requests.
SV-239397r717099_ruleESX Agent Manager must have the debug option turned off.
SV-239398r674688_ruleRsyslog must be configured to monitor and ship ESX Agent Manager log files.
SV-239399r674691_ruleESX Agent Manager must set the secure flag for cookies.
SV-239400r674694_ruleESX Agent Manager must be configured with the appropriate ports.
SV-239401r674697_ruleESX Agent Manager must disable the shutdown port.