ESXI-67-000079 – The ESXi host must not suppress warnings that the local or remote shell sessions are enabled.

Details

Warnings that local or remote shell sessions are enabled alert administrators to activity that they may not be aware of and need to investigate.

Solution

From the vSphere Web Client, select the host and click Configure >> System >> Advanced System Settings.

Find the ‘UserVars.SuppressShellWarning’ value and set it to the following:

From a PowerCLI command prompt while connected to the ESXi host, run the following command:

Get-VMHost | Get-AdvancedSetting -Name UserVars.SuppressShellWarning | Set-AdvancedSetting -Value ‘0’

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

800-53|CM-6b.
CAT|II
CCI|CCI-000366
Rule-ID|SV-239329r674916_rule
STIG-ID|ESXI-67-000079
Vuln-ID|V-239329

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles