Check: ESX0960
VMware ESX 3 Policy: ESX0960 (in version v1 r2)
Title
VI Console is used to administer virtual machines. (Cat III impact)
Discussion
The VI Console allows a user to connect to the console of a virtual machine, similar to seeing what a physical server monitor would show. However, the VI Console also provides power management and removable device connectivity controls, which could allow a malicious user to bring down a virtual machine. It also has a performance impact on the service console, especially if many VI Console sessions are open simultaneously. To prevent performance issues and to keep unauthorized users from accessing the VI Console, users should use remote management services, such as terminal services and SSH, to interact with virtual machines.
Check Content
Ask the IAO/SA what tools are used to administer virtual machines remotely. If the response includes the VI console, this is a finding.
Fix Text
Use third-party tools to administer virtual machines.
Additional Identifiers
Rule ID: SV-16833r1_rule
Vulnerability ID: V-15892
Group Title: VI Console is used to administer virtual machines
CCIs
No CCIs are assigned to this check.
Controls
No controls are assigned to this check.