UCF STIG Viewer Logo

The use of Linux-based clients must be restricted.


Finding ID Version Rule ID IA Controls Severity
VCENTER-000021 VCENTER-000021 VCENTER-000021_rule Low
Although SSL-based encryption is used to protect communication between client components and vCenter Server or ESXi, the Linux versions of these components do not perform certificate validation. Even if the self-signed certificates are replaced on vCenter and ESXi with legitimate certificates signed by the local root certificate authority or a third party, communications with Linux clients are still vulnerable to MiTM attacks.
VMware vCenter Server Security Technical Implementation Guide 2013-01-15


Check Text ( C-VCENTER-000021_chk )
Verify all client operating systems connecting to the vCenter Server is not Linux.

If any client operating system connecting to the vCenter Server is Linux-based, this is a finding.

Fix Text (F-VCENTER-000021_fix)
Replace all Linux-based clients connecting to the vCenter Server with non-Linux-based clients.