STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to STIGs

VMware vSphere 7.0 vCenter Appliance EAM Security Technical Implementation Guide

Version

V1R2

Release Date

Jun 15, 2023

SCAP Benchmark ID

VMW_vSphere_7-0_vCA_EAM_STIG

Total Checks

33

Tags

vmware
CAT I: 0CAT II: 33CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKLExport CSVExport JSONDownload STIG ZIP

Checks (33)

V-256673MEDIUMESX Agent Manager must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive.V-256674MEDIUMESX Agent Manager must limit the number of concurrent connections permitted.V-256675MEDIUMESX Agent Manager must limit the maximum size of a POST request.V-256676MEDIUMESX Agent Manager must protect cookies from cross-site scripting (XSS).V-256677MEDIUMESX Agent Manager must record user access in a format that enables monitoring of remote access.V-256678MEDIUMESX Agent Manager must generate log records for system startup and shutdown.V-256679MEDIUMESX Agent Manager log files must only be modifiable by privileged users.V-256680MEDIUMESX Agent Manager application files must be verified for their integrity.V-256681MEDIUMESX Agent Manager must only run one webapp.V-256682MEDIUMESX Agent Manager must not be configured with unsupported realms.V-256683MEDIUMESX Agent Manager must be configured to limit access to internal packages.V-256684MEDIUMESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled.V-256685MEDIUMESX Agent Manager must have mappings set for Java servlet pages.V-256686MEDIUMESX Agent Manager must not have the Web Distributed Authoring (WebDAV) servlet installed.V-256687MEDIUMESX Agent Manager must be configured with memory leak protection.V-256688MEDIUMESX Agent Manager must not have any symbolic links in the web content directory tree.V-256689MEDIUMESX Agent Manager directory tree must have permissions in an out-of-the-box state.V-256690MEDIUMESX Agent Manager must fail to a known safe state if system initialization fails, shutdown fails, or aborts fail.V-256691MEDIUMESX Agent Manager must limit the number of allowed connections.V-256692MEDIUMESX Agent Manager must set URIEncoding to UTF-8.V-256693MEDIUMESX Agent Manager must use the "setCharacterEncodingFilter" filter.V-256694MEDIUMESX Agent Manager must set the welcome-file node to a default web page.V-256695MEDIUMESX Agent Manager must not show directory listings.V-256696MEDIUMESX Agent Manager must be configured to show error pages with minimal information.V-256697MEDIUMESX Agent Manager must be configured to not show error reports.V-256698MEDIUMESX Agent Manager must hide the server version.V-256699MEDIUMESX Agent Manager must not enable support for TRACE requests.V-256700MEDIUMESX Agent Manager must have the debug option disabled.V-256701MEDIUMRsyslog must be configured to monitor and ship ESX Agent Manager log files.V-256702MEDIUMESX Agent Manager must set the secure flag for cookies.V-256703MEDIUMESX Agent Manager must be configured with the appropriate ports.V-256704MEDIUMESX Agent Manager must disable the shutdown port.V-256705MEDIUMESX Agent Manager default servlet must be set to "readonly".