Details
Check for privilege reassignment when you restart vCenter Server. If the user or user group that is assigned the Administrator role on the root folder cannot be verified as a valid user or group during a restart, the role is removed from that user or group. In its place, vCenter Server grants the Administrator role to the vCenter Single Sign-On account [email protected]. This account can then act as the administrator.
Reestablish a named administrator account and assign the Administrator role to that account to avoid using the anonymous [email protected] account.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
As the SSO Administrator, log in to the vCenter Server and restore a legitimate administrator account per site-specific user/group/role requirements.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management. This control applies to the following type of system: VMware.
References
- 800-53|CM-6b.
- CAT|II
- CCI|CCI-000366
- Rule-ID|SV-216848r612237_rule
- STIG-ID|VCWN-65-000026
- STIG-Legacy|SV-104675
- STIG-Legacy|V-94845
- Vuln-ID|V-216848