STIGQter: STIG Summary: VMW vRealize Automation 7.x vAMI Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vAMI must use approved versions of TLS.

DISA Rule

SV-100877r1_rule

Vulnerability Number

V-90227

Group Title

SRG-APP-000179-AS-000129

Rule Version

VRAU-VA-000265

Severity

CAT I

CCI(s)

• CCI-000803 - The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Weight

10

Fix Recommendation

Navigate to and open /opt/vmware/etc/lighttpd/lighttpd.conf.

Configure the lighttpd.conf file with the following two values:
'ssl.use-sslv2 = "disable"'
'ssl.use-sslv3 = "disable"'

Note: Both values must be present.

Check Contents

At the command prompt, execute the following command:

grep ssl.use-sslv /opt/vmware/etc/lighttpd/lighttpd.conf

If the value of "ssl.use-sslv2" and "ssl.use-sslv3" are not "disable", this is a finding.

Vulnerability Number

V-90227

Documentable

False

Rule Version

VRAU-VA-000265

Severity Override Guidance

At the command prompt, execute the following command:

grep ssl.use-sslv /opt/vmware/etc/lighttpd/lighttpd.conf

If the value of "ssl.use-sslv2" and "ssl.use-sslv3" are not "disable", this is a finding.

Check Content Reference

M

Target Key

3449

Comments