ESXI-06-000071 – The system must verify the integrity of the installation media before installing ESXi.

Details

Always check the SHA1 hash after downloading an ISO, offline bundle, or patch to ensure integrity and authenticity of the downloaded files.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

If the hash returned from the md5sum or sha1sum commands do not match the vendor’s hash, the downloaded software must be discarded.
If the physical media is obtained from VMware and the security seal is broken, the software must be returned to VMware for replacement.

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMware_vSphere_6-0_ESXi_V1R5_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

800-53|CM-6b.
CAT|I
CCI|CCI-000366
Group-ID|V-63311
Rule-ID|SV-77801r1_rule
STIG-ID|ESXI-06-000071
Vuln-ID|V-63311

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles