Check: HRZV-7X-000034
VMware Horizon 7.13 Connection Server STIG:
HRZV-7X-000034
(in versions v1 r2 through v1 r1)
Title
The Horizon Connection Server must prevent MIME type sniffing. (Cat II impact)
Discussion
MIME types define how a given type of file is intended to be processed by the browser. Modern browsers are capable of determining the content type of a file by byte headers and content inspection and can then override the type dictated by the server. An example would be a ".js" that was sent as the "jpg" mime type vs the JavaScript mime type. The browser would "correct" this and process the file as JavaScript. The danger is that a given file could be disguised as something else on the server, like JavaScript, opening up the door to cross-site scripting. To disable browser "sniffing" of content type, the Connection Server sends the "x-content-type-options: nosniff" header by default. This configuration must be validated and maintained over time.
Check Content
On the Horizon Connection Server, navigate to "<install_directory>\VMware\VMware View\Server\sslgateway\conf". If a file named "locked.properties" does not exist in this path, this is NOT a finding. Open "locked.properties" in a text editor. Find the "x-content-type-options" setting. If there is no "x-content-type-options" setting, this is NOT a finding. If "x-content-type-options" is set to "false", this is a finding.
Fix Text
On the Horizon Connection Server, navigate to "<install_directory>\VMware\VMware View\Server\sslgateway\conf". Open "locked.properties" in a text editor. Remove the following line: x-content-type-options=false Save and close the file. Restart the "VMware Horizon View Connection Server" service for changes to take effect.
Additional Identifiers
Rule ID: SV-246915r879887_rule
Vulnerability ID: V-246915
Group Title: SRG-APP-000516-AS-000237
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
Implement the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |