Check: VMCH-70-000008
VMware vSphere 7.0 Virtual Machine STIG:
VMCH-70-000008
(in versions v1 r3 through v1 r1)
Title
Unauthorized floppy devices must be disconnected on the virtual machine (VM). (Cat II impact)
Discussion
Ensure no device is connected to a virtual machine if it is not required. For example, floppy, serial, and parallel ports are rarely used for virtual machines in a data center environment, and CD/DVD drives are usually connected only temporarily during software installation.
Check Content
Floppy drives are no longer visible through the vSphere Client and must be done via the Application Programming Interface (API) or PowerCLI. From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command: Get-VM | Get-FloppyDrive | Select Parent, Name, ConnectionState If a virtual machine has a floppy drive connected, this is a finding.
Fix Text
Floppy drives are no longer visible through the vSphere Client and must be done via the API or PowerCLI. From a PowerCLI command prompt while connected to the ESXi host or vCenter server, run the following command: Get-VM "VM Name" | Get-FloppyDrive | Remove-FloppyDrive Note: The VM must be powered off to remove the floppy drive.
Additional Identifiers
Rule ID: SV-256457r886414_rule
Vulnerability ID: V-256457
Group Title: SRG-OS-000480-VMM-002000
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |