STIGs Search Compare About

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
Compare Versions

Resources

About
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← Back to STIGs

VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) Security Technical Implementation Guide

Version

V1R1

Release Date

Oct 29, 2023

SCAP Benchmark ID

VMW_vSphere_8-0_VCSA_VAMI_STIG

Total Checks

24

Tags

vmware

CAT I: 1CAT II: 23CAT III: 0

This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Export CKL Export CSV Export JSON Download STIG ZIP

Checks (24)

V-259137MEDIUMThe vCenter VAMI service must limit the number of allowed simultaneous session requests.V-259138MEDIUMThe vCenter VAMI service must use cryptography to protect the integrity of remote sessions.V-259139MEDIUMThe vCenter VAMI service must generate information to monitor remote access.V-259140MEDIUMThe vCenter VAMI service must produce log records containing sufficient information to establish what type of events occurred.V-259141MEDIUMThe vCenter VAMI service log files must only be accessible by privileged users.V-259142MEDIUMThe vCenter VAMI service must off-load log records onto a different system or media from the system being logged.V-259143MEDIUMThe vCenter VAMI service must explicitly disable Multipurpose Internet Mail Extensions (MIME) mime mappings based on "Content-Type".V-259144MEDIUMThe vCenter VAMI service must have resource mappings set to disable the serving of certain file types.V-259145MEDIUMThe vCenter VAMI service must have Web Distributed Authoring (WebDAV) disabled.V-259146MEDIUMThe vCenter VAMI service must protect system resources and privileged operations from hosted applications.V-259147MEDIUMThe vCenter VAMI service must restrict access to the web server's private key.V-259148HIGHThe vCenter VAMI service must enable FIPS mode.V-259149MEDIUMThe vCenter VAMI service must restrict the ability of users to launch Denial of Service (DoS) attacks against other information systems or networks.V-259150MEDIUMThe vCenter VAMI service must set the encoding for all text mime types to UTF-8.V-259151MEDIUMThe vCenter VAMI service must disable directory listing.V-259152MEDIUMThe vCenter VAMI service must not be configured to use the "mod_status" module.V-259153MEDIUMThe vCenter VAMI service must have debug logging disabled.V-259154MEDIUMThe vCenter VAMI service must enable honoring the SSL cipher order.V-259155MEDIUMThe vCenter VAMI service must disable client initiated TLS renegotiation.V-259156MEDIUMThe vCenter VAMI service must be configured to hide the server type and version in client responses.V-259157MEDIUMThe vCenter VAMI service must implement HTTP Strict Transport Security (HSTS).V-259158MEDIUMThe vCenter VAMI service must implement prevent rendering inside a frame or iframe on another site.V-259159MEDIUMThe vCenter VAMI service must protect against MIME sniffing.V-259160MEDIUMThe vCenter VAMI service must enable Content Security Policy.