|Finding ID||Version||Rule ID||IA Controls||Severity|
|The vCenter Server includes a vSphere Client extensibility framework, which provides the ability to extend the vSphere Client with menu selections or toolbar icons that provide access to vCenter Server add-on components or external, Web-based functionality. vSphere Client plugins or extensions run at the same privilege level as the user. Malicious extensions might masquerade as useful add-ons while compromising the system by stealing credentials or incorrectly configuring the system.|
|VMware vCenter Server Security Technical Implementation Guide||2013-01-15|
|Check Text (C-VCENTER-000029_chk)|
| Verify the vSphere Client used by administrators includes only authorized extensions from trusted sources: |
From the vSphere Client, go to "Plug-ins >> Manage Plug-ins" and click the Installed Plug-ins tab. View the Installed/Available Plug-ins list and verify they are all identified as authorized VMware, third-party (Partner) and/or site-specific (locally developed and site) approved plug-ins.
If any Installed/Available plug-ins in the viewable list cannot be verified as vSphere Client plug-ins and/or authorized extensions from trusted sources, this is a finding.
|Fix Text (F-VCENTER-000029_fix)|
| Disable/remove all listed plug-ins that cannot be verified as distributed from trusted sources: |
From the vSphere Client, connect to the vCenter Server.
On the menu bar, go to "Plug-ins >> Manage Plug-ins".
Under Installed Plug-ins, right-click the plug-in of choice and select Disable.
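
The check above can be supported by comparing the extensions registered with vCenter Server against a site allowlist. The following PowerCLI script is an added example, not part of the STIG; it is read-only and reports registered extensions whose keys are not on the approved list. It assumes VMware PowerCLI is installed, a session is already open with `Connect-VIServer`, and that the plug-ins shown in Plug-in Manager are registered as vCenter extensions; the allowlist keys are constructed placeholders.

```powershell
# Added example, not STIG content. Read-only: nothing is disabled or unregistered.
# Assumes an existing PowerCLI session (Connect-VIServer <your vCenter>).

# Constructed allowlist: replace with the extension keys your site has approved.
# These keys are placeholders, not real product identifiers.
$approvedKeys = @(
    'com.example.approved-vendor-plugin',
    'local.example.site-plugin'
)

# ExtensionManager is the vCenter managed object that holds registered extensions.
$extMgr = Get-View ExtensionManager

$report = foreach ($ext in $extMgr.ExtensionList) {
    [pscustomobject]@{
        Key        = $ext.Key
        Company    = $ext.Company
        Version    = $ext.Version
        Label      = $ext.Description.Label
        # URLs the client is told to load plug-in content from, if any
        ClientUrls = ($ext.Client | ForEach-Object { $_.Url }) -join '; '
        Approved   = $approvedKeys -contains $ext.Key
    }
}

# Full inventory, unapproved entries listed first
$report | Sort-Object Approved, Key |
    Format-Table Key, Company, Version, Label, Approved -AutoSize

# Entries that still need to be verified against a trusted source
$unverified = @($report | Where-Object { -not $_.Approved })
if ($unverified.Count -gt 0) {
    Write-Warning "$($unverified.Count) extension(s) not on the approved list; review each as a possible finding."
    $unverified | Format-Table Key, Company, Version, ClientUrls -AutoSize
}
```

Built-in VMware extensions will also appear as unapproved until their keys are added to the allowlist, so the first run doubles as the baseline inventory.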