Details

By default, vCenter Server grants full administrative rights to the local administrator’s account, which can be accessed by domain administrators. Separation of duties dictates that full vCenter Administrative rights should be granted only to those administrators who are required to have it. This privilege should not be granted to any group whose membership is not strictly controlled. Therefore, administrative rights should be removed from the local Windows server to users who are not vCenter administrators.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Under the computer management console for windows view the local administrators group and remove any users or groups that do not fit the criteria defined in the check content.

Supportive Information

The following resource is also helpful.

• https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_VMW_vSphere_6-5_Y21M10_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

• 800-53|CM-6b.
• CAT|II
• CCI|CCI-000366
• Rule-ID|SV-216852r766916_rule
• STIG-ID|VCWN-65-000030
• STIG-Legacy|SV-104599
• STIG-Legacy|V-94769
• Vuln-ID|V-216852

Source

• Tenable.com/audits