Check: VCTR-67-000010
VMware vSphere 6.7 vCenter STIG:
VCTR-67-000010
(in versions v1 r4 through v1 r1)
Title
The vCenter Server must limit the use of the built-in SSO administrative account. (Cat II impact)
Discussion
Use of the SSO administrator account should be limited as it is a shared account and individual accounts must be used wherever possible.
Check Content
Verify the built-in SSO administrator account is only used for emergencies and situations where it is the only option due to permissions. If the built-in SSO administrator account is used for daily operations or there is no policy restricting its use, this is a finding.
Fix Text
Develop a policy to limit the use of the built-in SSO administrator account.
Additional Identifiers
Rule ID: SV-243080r879594_rule
Vulnerability ID: V-243080
Group Title: SRG-APP-000153
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000770 |
The organization requires individuals to be authenticated with an individual authenticator when a group authenticator is employed. |
Controls
Number | Title |
---|---|
IA-2 (5) |
Group Authentication |