STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation Guide

V-256613

CAT II (Medium)

Performance Charts must limit the maximum size of a POST request.

Rule ID

SV-256613r888330_rule

STIG

VMware vSphere 7.0 vCenter Appliance Perfcharts Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000054

Discussion

The "maxPostSize" value is the maximum size in bytes of the POST that will be handled by the container FORM URL parameter parsing. Limit its size to reduce exposure to a denial-of-service attack. If "maxPostSize" is not set, the default value of 2097152 (2MB) is used. Performance Charts is configured in its shipping state to not set a value for "maxPostSize".

Check Content

At the command prompt, run the following command:

# xmllint --xpath '/Server/Service/Connector/@maxPostSize' /usr/lib/vmware-perfcharts/tc-instance/conf/server.xml

Expected result:

XPath set is empty

If the output does not match the expected result, this is a finding.

Fix Text

Navigate to and open:

/usr/lib/vmware-perfcharts/tc-instance/conf/server.xml

Navigate to each of the <Connector> nodes.

Remove any configuration for "maxPostSize".

Restart the service with the following command:

# vmon-cli --restart perfcharts