VCPF-67-000031 - Performance Charts must be configured to limit access to internal packages.

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

Information

The 'package.access' entry in the 'catalina.properties' file implements access control at the package level. When this is properly configured, a Security Exception will be reported if an errant or malicious web app attempts to access the listed internal classes directly or if a new class is defined under the protected packages. Performance Charts comes preconfigured with the appropriate packages defined in 'package.access', and this configuration must be maintained.

Solution

Navigate to and open /usr/lib/vmware-sso/vmware-sts/conf/catalina.properties and ensure that the 'package.access' line is configured as follows:

package.access=\
sun.,\
org.apache.catalina.,\
org.apache.coyote.,\
org.apache.jasper.,\
org.apache.naming.resources.,\
org.apache.tomcat.
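
One way to script this check, as an added example that is not part of the STIG or the audit itself: it reads the effective 'package.access' value, joining the backslash line continuations a properties file uses, and lists any required package that is missing. The function names and the sample file are constructed for illustration; the required entries are the ones listed above.

```shell
#!/bin/sh
# Added example (not from the STIG or the audit): check package.access entries.
# Function names are hypothetical; the required list is the one in the Solution.
REQUIRED="sun. org.apache.catalina. org.apache.coyote. org.apache.jasper. org.apache.naming.resources. org.apache.tomcat."

# Print the effective package.access value from a properties file on stdin:
# joins "\" continuation lines, strips whitespace, last definition wins.
get_package_access() {
    awk '
        { sub(/\r$/, "") }                          # tolerate CRLF files
        !grab && /^[ \t]*[#!]/ { next }             # comment line
        !grab && /^[ \t]*package\.access[ \t]*[=:]/ {
            sub(/^[ \t]*package\.access[ \t]*[=:][ \t]*/, "")
            val = ""; grab = 1
        }
        grab {
            sub(/^[ \t]+/, "")                      # leading blanks are dropped
            grab = sub(/\\$/, "")                   # trailing "\" continues the value
            val = val $0
        }
        END { gsub(/[ \t]/, "", val); print val }
    '
}

# Print the required packages that are absent from the file given as $1.
missing_packages() {
    value=$(get_package_access < "$1")
    missing=""
    for pkg in $REQUIRED; do
        case ",$value," in
            *",$pkg,"*) ;;
            *) missing="$missing $pkg" ;;
        esac
    done
    printf '%s\n' "${missing# }"
}

# Constructed sample: a file where org.apache.jasper. has been dropped.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# package.access=commented.out.
package.access=sun.,org.apache.catalina.,\
    org.apache.coyote.,org.apache.naming.resources.,\
    org.apache.tomcat.
EOF
echo "missing: $(missing_packages "$sample")"
rm -f "$sample"
```

Call missing_packages with the catalina.properties path given in the Solution; empty output means every listed package is present.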

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip