STIGQter: STIG Summary: VMW vSphere 6.5 vCenter Server for Windows Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 22 Jan 2021:

The vCenter Server for Windows must disable SNMPv1.

DISA Rule

SV-216889r612237_rule

Vulnerability Number

V-216889

Group Title

SRG-APP-000575

Rule Version

VCWN-65-006000

Severity

CAT II

CCI(s)

• CCI-001967 - The information system authenticates organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection using bidirectional authentication that is cryptographically based.

Weight

10

Fix Recommendation

In the vSphere Web Client go to a vCenter Server instance.
Click the Configure tab >> Settings >> General.
On the vCenter Server Settings central pane, click Edit.
Click SNMP receivers to edit their settings.
Remove any SNMP receivers that exist.

Check Contents

NOTE: For the vCenter 6.5 Server Appliance, this requirement is Not Applicable.

In the vSphere Web Client go to a vCenter Server instance.
Click the Configure tab >> Settings >> General.
On the vCenter Server Settings central pane, click Edit.
Click SNMP receivers to edit their settings.
Ensure no information for SNMP receivers are entered. If there are SNMP receivers configured, this is a finding.

Vulnerability Number

V-216889

Documentable

False

Rule Version

VCWN-65-006000

Severity Override Guidance

NOTE: For the vCenter 6.5 Server Appliance, this requirement is Not Applicable.

In the vSphere Web Client go to a vCenter Server instance.
Click the Configure tab >> Settings >> General.
On the vCenter Server Settings central pane, click Edit.
Click SNMP receivers to edit their settings.
Ensure no information for SNMP receivers are entered. If there are SNMP receivers configured, this is a finding.

Check Content Reference

M

Target Key

4030

Comments