STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vSphere 7.0 vCenter Appliance UI Security Technical Implementation Guide

V-256786

CAT II (Medium)

vSphere UI plugins must be authorized before use.

Rule ID

SV-256786r889357_rule

STIG

VMware vSphere 7.0 vCenter Appliance UI Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001749

Discussion

The vSphere UI ships with a number of plugins out of the box. Any additional plugins may affect the availability and integrity of the system and must be approved and documented by the information system security officer (ISSO) before deployment.

Check Content

At the command prompt, run the following command: 
 
# diff <(find /usr/lib/vmware-vsphere-ui/plugin-packages/vsphere-client/plugins -type f|sort) <(rpm -ql vsphere-ui|grep "/usr/lib/vmware-vsphere-ui/plugin-packages/vsphere-client/plugins/"|sort) 
 
If there is any output, this indicates a vSphere UI plugin is present that does not ship with the vCenter Server Appliance (VCSA). 
 
If this plugin is not known and approved, this is a finding.

Fix Text

For every unauthorized plugin returned by the check, run the following command: 
 
# rm <file>