VCEM-67-000009 – ESX Agent Manager must only run one webapp.

Details

VMware ships ESX Agent Managers on the VCSA with one webapp. Any other path is potentially malicious and must be removed.

Solution

For each unexpected directory returned in the check, run the following command:

# rm /usr/lib/vmware-eam/web/webapps/

Restart the service with the following command:

# vmon-cli –restart eam

Supportive Information

The following resource is also helpful.

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-7_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-5(3)
CAT|II
CCI|CCI-001749
Rule-ID|SV-239380r674634_rule
STIG-ID|VCEM-67-000009
Vuln-ID|V-239380

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles