|Finding ID||Version||Rule ID||IA Controls||Severity|
|Although SSL-based encryption is used to protect communication between client components and vCenter Server or ESXi, the Linux versions of these components do not perform certificate validation. Even if the self-signed certificates are replaced on vCenter and ESXi with legitimate certificates signed by the local root certificate authority or a third party, communications with Linux clients are still vulnerable to MiTM attacks.|
|VMware vCenter Server Security Technical Implementation Guide||2013-01-15|
|Check Text ( C-VCENTER-000021_chk )|
| Verify all client operating systems connecting to the vCenter Server is not Linux. |
If any client operating system connecting to the vCenter Server is Linux-based, this is a finding.
|Fix Text (F-VCENTER-000021_fix)|
| Replace all Linux-based clients connecting to the vCenter Server with non-Linux-based clients. |