DISA STIG VMware vSphere 6.7 EAM Tomcat v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA STIG VMware vSphere 6.7 EAM Tomcat v1r1

Updated: 6/10/2022

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.3

Estimated Item Count: 37

File Details

Filename: DISA_STIG_VMware_vSphere_6.7_EAM_Tomcat_v1r1.audit

Size: 66.2 kB

MD5: e378d0dafe677db52e1c8b9f0be2751b
SHA256: 09f93ee74a6fc3b54531741e1a86b7169e9e31dd2d109a87222f788d0dd45b62

Audit Items

DescriptionCategories
DISA_STIG_VMware_vSphere_6.7_EAM_Tomcat_v1r1.audit from DISA VMware vSphere 6.7 EAM Tomcat v1r1 STIG
VCEM-67-000001 - ESX Agent Manager must limit the amount of time that each TCP connection is kept alive.
VCEM-67-000002 - ESX Agent Manager must limit the number of concurrent connections permitted.
VCEM-67-000003 - ESX Agent Manager must limit the maximum size of a POST request.
VCEM-67-000004 - ESX Agent Manager must protect cookies from XSS.
VCEM-67-000005 - ESX Agent Manager must record user access in a format that enables monitoring of remote access.
VCEM-67-000006 - ESX Agent Manager must generate log records for system startup and shutdown.
VCEM-67-000007 - ESX Agent Manager log files must only be modifiable by privileged users.
VCEM-67-000008 - ESX Agent Manager application files must be verified for their integrity.
VCEM-67-000009 - ESX Agent Manager must only run one webapp.
VCEM-67-000010 - ESX Agent Manager must not be configured with unsupported realms.
VCEM-67-000011 - ESX Agent Manager must be configured to limit access to internal packages.
VCEM-67-000012 - ESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.
VCEM-67-000013 - ESX Agent Manager must have mappings set for Java servlet pages.
VCEM-67-000014 - ESX Agent Manager must not have the Web Distributed Authoring (WebDAV) servlet installed.
VCEM-67-000015 - ESX Agent Manager must be configured with memory leak protection.
VCEM-67-000016 - ESX Agent Manager must not have any symbolic links in the web content directory tree.
VCEM-67-000017 - ESX Agent Manager directory tree must have permissions in an 'out-of-the box' state - out-of-the box state.
VCEM-67-000018 - ESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.
VCEM-67-000019 - ESX Agent Manager must limit the number of allowed connections.
VCEM-67-000020 - ESX Agent Manager must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter
VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping
VCEM-67-000022 - ESX Agent Manager must set the welcome-file node to a default web page.
VCEM-67-000023 - ESX Agent Manager must not show directory listings.
VCEM-67-000024 - ESX Agent Manager must be configured to show error pages with minimal information.
VCEM-67-000025 - ESX Agent Manager must not enable support for TRACE requests.
VCEM-67-000026 - ESX Agent Manager must have the debug option turned off.
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - access
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - catalina
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - firstboot
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - localhost
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - main
VCEM-67-000027 - Rsyslog must be configured to monitor and ship ESX Agent Manager log files - stdout
VCEM-67-000028 - ESX Agent Manager must set the secure flag for cookies.
VCEM-67-000029 - ESX Agent Manager must be configured with the appropriate ports.
VCEM-67-000030 - ESX Agent Manager must disable the shutdown port.