Skip to main content
CUI

STIG Rule - V-258997

Back to STIG Browser

V-258997

SV-258997r934649_rule

CAT II

The vCenter STS service default documentation must be removed.

From: VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) Security Technical Implementation Guide (V1R1)

Description

<VulnDiscussion>Tomcat provides documentation and other directories in the default installation that do not serve a production use. These files must be deleted.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

Check Procedure

At the command prompt, run the following command: # ls -l /var/opt/apache-tomcat/webapps/docs If the "docs" folder exists or contains any content, this is a finding.

Fix Text

At the command prompt, run the following command: # rm -rf /var/opt/apache-tomcat/webapps/docs

CCI Reference

CCI-000381
Created
2026-04-07 20:08:40
Last Updated
2026-04-07 20:09:50
Back to Browse
CUI