Check: VCPF-67-000028
VMware vSphere 6.7 Perfcharts Tomcat STIG:
VCPF-67-000028
(in versions v1 r3 through v1 r1)
Title
Performance Charts must be configured with the appropriate ports. (Cat II impact)
Discussion
Web servers provide numerous processes, features, and functionalities that use TCP/IP ports. Some of these processes may be deemed unnecessary or too unsecure to run on a production system. The ports that the Performance Charts listens on are configured in the "catalina.properties" file and must be verified as accurate to their shipping state.
Check Content
At the command prompt, execute the following command: # grep '^bio\.' /usr/lib/vmware-perfcharts/tc-instance/conf/catalina.properties Expected result: bio.http.port=13080 bio.https.port=8443 If the output of the command does not match the expected result, this is a finding.
Fix Text
Navigate to and open /usr/lib/vmware-perfcharts/tc-instance/conf/catalina.properties. Navigate to the ports specification section. Add or modify the following lines: bio.http.port=13080 bio.https.port=8443
Additional Identifiers
Rule ID: SV-239429r879756_rule
Vulnerability ID: V-239429
Group Title: SRG-APP-000383-WSR-000175
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-001762 |
The organization disables organization-defined functions, ports, protocols, and services within the information system deemed to be unnecessary and/or nonsecure. |
Controls
Number | Title |
---|---|
CM-7 (1) |
Periodic Review |