STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to VMware vSphere 7.0 vCenter Appliance EAM Security Technical Implementation Guide

V-256681

CAT II (Medium)

ESX Agent Manager must only run one webapp.

Rule ID

SV-256681r888599_rule

STIG

VMware vSphere 7.0 vCenter Appliance EAM Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-000381, CCI-001749

Discussion

VMware ships ESX Agent Managers on the vCenter Server Appliance (VCSA) with one webapp. Any other path is potentially malicious and must be removed. Satisfies: SRG-APP-000131-WSR-000073, SRG-APP-000141-WSR-000075

Check Content

At the command prompt, run the following command:

# ls -A /usr/lib/vmware-eam/web/webapps

Expected result:

eam

If the output does not match the expected result, this is a finding.

Fix Text

For each unexpected directory returned in the check, run the following command:

# rm /usr/lib/vmware-eam/web/webapps/<NAME>

Restart the service with the following command:

# vmon-cli --restart eam