Check: VCENTER-000005
VMware vCenter Server Version 5 STIG: VCENTER-000005 (in versions v2 r1 through v1 r7)
Title
Privilege re-assignment must be checked after the vCenter Server restarts. (Cat II impact)
Discussion
During a restart of vCenter Server, if the user or user group that is assigned the Administrator role on the root folder cannot be verified as a valid user/group, that user/group's Administrator permission is removed. In its place, vCenter Server assigns the Administrator role to the local Windows administrators group by default, which then acts as the new vCenter Server Administrator. This default administrative assignment must be rectified by re-establishing a legitimate vCenter Server account with the Administrator role.
Check Content
After the Windows server hosting the vCenter Server has been rebooted, a vCenter Server user or member of the user group granted the administrator role must log in and verify the role permissions remain intact. If the user and/or user group granted vCenter administrator role permissions cannot be verified intact, this is a finding.
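The verification described above can be scripted with VMware PowerCLI. The following is an added example, not part of the STIG text: it compares the Administrator-role permissions on the root folder with a site-approved list after a restart. The principal names are placeholders, the function name is hypothetical, and the role name reported by PowerCLI for the built-in Administrator role is assumed to be `Admin`.

```powershell
# Added example (not STIG content). Requires VMware PowerCLI and an
# existing session created with Connect-VIServer.

# Assumption: placeholder principals; replace with the site's approved
# vCenter administrator users/groups.
$ApprovedAdmins = @('EXAMPLE\vCenter-Admins', 'EXAMPLE\svc-vcadmin')

# Assumption: PowerCLI reports the built-in Administrator role as 'Admin';
# 'Administrator' is accepted as well in case the display name is returned.
$AdminRoleNames = @('Admin', 'Administrator')

# Hypothetical helper: returns what differs from the approved baseline.
function Compare-RootAdminAssignment {
    param(
        [object[]]$Permissions,   # objects exposing Principal and Role
        [string[]]$Approved,
        [string[]]$RoleNames
    )
    $current    = @($Permissions | Where-Object { $RoleNames -contains $_.Role })
    $names      = @($current | ForEach-Object { $_.Principal })
    # Principals holding Administrator that the site did not approve,
    # e.g. the local Windows administrators group substituted on restart.
    $unexpected = @($current | Where-Object { $Approved -notcontains $_.Principal })
    # Approved principals whose Administrator permission is no longer present.
    $missing    = @($Approved | Where-Object { $names -notcontains $_ })
    New-Object PSObject -Property @{
        Unexpected = $unexpected
        Missing    = $missing
        Finding    = ($unexpected.Count -gt 0) -or ($missing.Count -gt 0)
    }
}

# The root folder is the one returned when no location is given.
$root   = Get-Folder -NoRecursion
$perms  = Get-VIPermission -Entity $root
$result = Compare-RootAdminAssignment -Permissions $perms `
              -Approved $ApprovedAdmins -RoleNames $AdminRoleNames

foreach ($p in $result.Unexpected) {
    Write-Warning "Unapproved Administrator on root folder: $($p.Principal)"
}
foreach ($m in $result.Missing) {
    Write-Warning "Approved Administrator missing from root folder: $m"
}
if ($result.Finding) { Write-Output 'VCENTER-000005: finding' }
else                 { Write-Output 'VCENTER-000005: not a finding' }
```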
Fix Text
As a Windows Administrator, log in to the vCenter Server and restore a legitimate administrator account per site-specific user/group/role requirements.
Additional Identifiers
Rule ID: SV-250727r799871_rule
Vulnerability ID: V-250727
Group Title: SRG-APP-000516
CCIs
Number | Definition |
---|---|
CCI-000366 | The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 | Configuration Settings |