| VCLU-80-000005 The vCenter Lookup service cookies must have secure flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000025 The vCenter Lookup service logs folder permissions must be set correctly. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-80-000034 The vCenter Lookup service must limit privileges for creating or modifying hosted application shared files. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000036 The vCenter Lookup service must disable stack tracing. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000037 The vCenter Lookup service must be configured to use a specified IP address and port. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000057 The vCenter Lookup service must be configured to limit data exposure between applications. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLU-80-000067 The vCenter Lookup service 'ErrorReportValve showServerInfo' must be set to 'false'. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLU-80-000070 The vCenter Lookup service must set an inactive timeout for sessions. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000081 The vCenter Lookup service must offload log records onto a different system or media from the system being logged. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | AUDIT AND ACCOUNTABILITY |
| VCLU-80-000126 The vCenter Lookup service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000129 The vCenter Lookup service cookies must have 'http-only' flag set. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000130 The vCenter Lookup service DefaultServlet must be set to 'readonly' for 'PUT' and 'DELETE' commands. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCLU-80-000134 The vCenter Lookup service shutdown port must be disabled. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000137 The vCenter Lookup service directory listings parameter must be disabled. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000139 The vCenter Lookup service must have Autodeploy disabled. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000140 The vCenter Lookup service xpoweredBy attribute must be disabled. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000141 The vCenter Lookup service example applications must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000142 The vCenter Lookup service default ROOT web application must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000143 The vCenter Lookup service default documentation must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000144 The vCenter Lookup service files must have permissions in an out-of-the-box state. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000151 The vCenter Lookup service must disable 'ALLOW_BACKSLASH'. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000152 The vCenter Lookup service must enable 'ENFORCE_ENCODING_IN_GET_WRITER'. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCLU-80-000155 The vCenter Lookup service host-manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCSA-80-000009 - The vCenter Server must use DOD-approved encryption to protect the confidentiality of network sessions. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000024 - The vCenter Server must display the Standard Mandatory DOD Notice and Consent Banner before logon. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCSA-80-000057 - vCenter Server plugins must be verified. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000060 - The vCenter Server must require multifactor authentication. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000069 - The vCenter Server passwords must be at least 15 characters in length. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000073 - The vCenter Server passwords must contain at least one numeric character. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000074 - The vCenter Server passwords must contain at least one special character. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000080 - The vCenter Server must enable revocation checking for certificate-based authentication. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000095 - The vCenter Server user roles must be verified. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000110 - The vCenter Server must manage excess capacity, bandwidth, or other redundancy to limit the effects of information flooding types of denial-of-service (DoS) attacks by enabling Network I/O Control (NIOC). | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCSA-80-000123 - The vCenter Server must provide an immediate real-time alert to the system administrator (SA) and information system security officer (ISSO), at a minimum, on every Single Sign-On (SSO) account action. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCSA-80-000145 - The vCenter Server must set the interval for counting failed login attempts to at least 15 minutes. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCSA-80-000148 - The vCenter Server must be configured to send logs to a central log server. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | AUDIT AND ACCOUNTABILITY |
| VCSA-80-000253 - The vCenter server must enforce SNMPv3 security features where SNMP is required. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000265 - The vCenter server must disable SNMPv1/2 receivers. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | IDENTIFICATION AND AUTHENTICATION |
| VCSA-80-000266 - The vCenter Server must require an administrator to unlock an account locked due to excessive login failures. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | ACCESS CONTROL |
| VCSA-80-000269 - The vCenter Server must set the distributed port group Media Access Control (MAC) Address Change policy to "Reject". | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000276 - The vCenter Server must configure the "vpxuser" password to meet length policy. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000277 - The vCenter Server must be isolated from the public internet but must still allow for patch notification and delivery. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000281 - The vCenter Server must disable or restrict the connectivity between vSAN Health Check and public Hardware Compatibility List (HCL) by use of an external proxy server. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000288 - The vCenter Server must use secure Lightweight Directory Access Protocol (LDAPS) when adding an LDAP identity source. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000290 - The vCenter Server must limit membership to the "SystemConfiguration.BashShellAdministrators" Single Sign-On (SSO) group. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000294 - The vCenter server Native Key Provider must be backed up with a strong password. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000295 - The vCenter server must require authentication for published content libraries. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000299 - The vCenter Server must disable CDP/LLDP on distributed switches. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000301 - The vCenter Server must not override port group settings at the port level on distributed switches. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
| VCSA-80-000303 - The vCenter Server must disable Secure Shell (SSH) access. | DISA VMware vSphere 8.0 vCenter STIG v2r3 | VMware | CONFIGURATION MANAGEMENT |
