STIGQter: STIG Summary: VMware Automation 7.x Application Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vRealize Automation security file must be restricted to the vcac user.

DISA Rule

SV-99781r1_rule

Vulnerability Number

V-89131

Group Title

SRG-APP-000340-AS-000185

Rule Version

VRAU-AP-000400

Severity

CAT II

CCI(s)

CCI-002235 - The information system prevents non-privileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.

Weight

Fix Recommendation

At the command prompt, execute the following commands:

chown vcac:vcac /etc/vcac/security.properties

Check Contents

At the command prompt, execute the following command:

ls -l /etc/vcac/security.properties

If the file owner and group-owner are not "vcac", this is a finding.

Vulnerability Number

V-89131

Documentable

False

Rule Version

VRAU-AP-000400

Severity Override Guidance

At the command prompt, execute the following command:

ls -l /etc/vcac/security.properties

If the file owner and group-owner are not "vcac", this is a finding.

Check Content Reference

Target Key

3447

The vRealize Automation security file must be restricted to the vcac user.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments