Details
The secrets list stores passwords that are required for remote storage connections or other purposes. These passwords may be visible in clear-text to anyone able to log into the host.
http://blog.403labs.com/post/57428499719/revealing-xenserver-storage-repository-secrets
Solution
Use generic, least-privileged accounts that only have access to the storage repositories. Never mount storage repositories with a privileged Active Directory account.
This security hardening control applies to the following category of controls within NIST 800-53: Identification and Authentication.This control applies to the following type of system Unix.