STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

V-241669

CAT II (Medium)

tc Server ALL baseline must be documented and maintained.

Rule ID

SV-241669r879640_rule

STIG

VMware vRealize Operations Manager 6.x tc Server Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001190

Discussion

Making certain that the web server has not been updated by an unauthorized user is always a concern. Adding patches, functions, and modules that are untested and not part of the baseline opens the possibility for security risks. The web server must offer, and not hinder, a method that allows for the quick and easy reinstallation of a verified and patched baseline to guarantee the production web server is up-to-date and has not been modified to add functionality or expose security risks. Because tc Server is installed as part of the entire vROps application, and not installed separately, VMware has ensured that all updates, upgrades, and patches have been thoroughly tested before becoming part of the production build process.

Check Content

Obtain supporting documentation from the ISSO.

Review the web server documentation and deployed configuration to determine if the tc Server code baseline is documented and maintained.

If the tc Server code baseline is not documented and maintained, this is a finding.

Fix Text

Develop baseline documentation of the tc Server codebase and ensure the tc Server baseline is configured properly.