STIGQter: STIG Summary: VMware vSphere 6.7 EAM Tomcat Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

ESX Agent Manager must limit the number of allowed connections.

DISA Rule

SV-239390r674664_rule

Vulnerability Number

V-239390

Group Title

SRG-APP-000246-WSR-000149

Rule Version

VCEM-67-000019

Severity

CAT II

CCI(s)

CCI-001094 - The information system restricts the ability of individuals to launch organization-defined denial of service attacks against other information systems.

Weight

Fix Recommendation

Navigate to and open:

/usr/lib/vmware-eam/web/conf/server.xml

Configure the <Connector> node with the following value:

acceptCount="300"

Check Contents

At the command prompt, execute the following command:

# xmllint --xpath '/Server/Service/Connector/@acceptCount' /usr/lib/vmware-eam/web/conf/server.xml

Expected result:

acceptCount="300"

If the output does not match the expected result, this is a finding.

Vulnerability Number

V-239390

Documentable

False

Rule Version

VCEM-67-000019

Severity Override Guidance

Check Content Reference

Target Key

5328

ESX Agent Manager must limit the number of allowed connections.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments