VMCH-06-000041 – The system must control access to VMs through the dvfilter network APIs.

Details

An attacker might compromise a VM by making use the dvFilter API. Configure only those VMs that need this access to use the API.

Solution

From a PowerCLI command prompt while connected to the ESXi host or vCenter server run the following command:

Get-VM ‘VM Name’ | Get-AdvancedSetting -Name ethernetX.filterY.name | Remove-AdvancedSetting

Note: Change the X and Y values to match the specific setting in your environment.

Supportive Information

The following resource is also helpful.

http://iasecontent.disa.mil/stigs/zip/U_VMware_vSphere_6-0_Virtual_Machine_V1R1_STIG.zip

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system VMware.

References

800-53|CM-6b.
CAT|III
CCI|CCI-000366
Group-ID|V-64119
Rule-ID|SV-78609r1_rule
STIG-ID|VMCH-06-000041
Vuln-ID|V-64119

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles