Check: VCEM-67-000008
VMware vSphere 6.7 EAM Tomcat STIG:
VCEM-67-000008
(in versions v1 r4 through v1 r1)
Title
ESX Agent Manager application files must be verified for their integrity. (Cat II impact)
Discussion
Verifying that ESX Agent Manager application code is unchanged from its shipping state is essential for file validation and non-repudiation of the ESX Agent Manager. There is no reason that the MD5 hash of the rpm original files should be changed after installation, excluding configuration files. Satisfies: SRG-APP-000131-WSR-000051, SRG-APP-000357-WSR-000150
Check Content
At the command prompt, execute the following command: # rpm -V vmware-eam|grep "^..5......"|grep -E "\.war|\.jar|\.sh|\.py" If there is any output, this is a finding.
Fix Text
Reinstall the VCSA or roll back to a snapshot. Modifying the EAM installation files manually is not supported by VMware.
Additional Identifiers
Rule ID: SV-239379r879584_rule
Vulnerability ID: V-239379
Group Title: SRG-APP-000131-WSR-000051
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001749 |
The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization. |
CCI-001849 |
The organization allocates audit record storage capacity in accordance with organization-defined audit record storage requirements. |