STIGQter: STIG Summary: Citrix Virtual Apps and Desktop 7.x Linux Virtual Delivery Agent Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

The application must be configured to disable non-essential capabilities.

DISA Rule

SV-234258r628796_rule

Vulnerability Number

V-234258

Group Title

SRG-APP-000141

Rule Version

LVDA-VD-000270

Severity

CAT II

CCI(s)

• CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

10

Fix Recommendation

Set the value of CEIPSwitch to "1" (Disabled).

Set the value of GASwitch to "1" (Disabled).

Check Contents

Run the following command on a client to disable the CEIP:
/opt/Citrix/VDA/bin/ctxreg update -k "HKEY_LOCAL_MACHINE\ SOFTWARE\Citrix\CEIP" -v "CEIPSwitch" -d "1"

If CEIPSwitch is not set to "1", this is a finding.

Run the following command on a client to disable Google Analytics:
/opt/Citrix/VDA/bin/ctxreg update -k "HKEY_LOCAL_MACHINE\ SOFTWARE\Citrix\CEIP" -v "GASwitch" -d "1"

If GASwitch is not set to "1", this is a finding.

Vulnerability Number

V-234258

Documentable

False

Rule Version

LVDA-VD-000270

Severity Override Guidance

Run the following command on a client to disable the CEIP:
/opt/Citrix/VDA/bin/ctxreg update -k "HKEY_LOCAL_MACHINE\ SOFTWARE\Citrix\CEIP" -v "CEIPSwitch" -d "1"

If CEIPSwitch is not set to "1", this is a finding.

Run the following command on a client to disable Google Analytics:
/opt/Citrix/VDA/bin/ctxreg update -k "HKEY_LOCAL_MACHINE\ SOFTWARE\Citrix\CEIP" -v "GASwitch" -d "1"

If GASwitch is not set to "1", this is a finding.

Check Content Reference

M

Target Key

5266

Comments