Detections
Analytics
VCWN-06-000026 - Privilege re-assignment must be checked after the vCenter Server restarts.
Information
Check for privilege reassignment when you restart vCenter Server. If the user or user group that is assigned the Administrator role on the root folder cannot be verified as a valid user or group during a restart, the role is removed from that user or group. In its place, vCenter Server grants the Administrator role to the vCenter Single Sign-On account [email protected]. This account can then act as the administrator. Reestablish a named administrator account and assign the Administrator role to that account to avoid using the anonymous [email protected] account.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
As the SSO Administrator, log in to the vCenter Server and restore a legitimate administrator account per site-specific user/group/role requirements.See Also
http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_vCenter_Server_for_Windows_V1R4_STIG.zip
Item Details
Category: CONFIGURATION MANAGEMENT
References: 800-53|CM-6b., CAT|II, CCI|CCI-000366, Group-ID|V-63989, Rule-ID|SV-78479r1_rule, STIG-ID|VCWN-06-000026, Vuln-ID|V-63989
Plugin: VMware
Control ID: 72339804a9a913aa62fefc387ecd5b4c154615945acfa6f1af167b5d8d71881f