- VCFL-67-000001 - vSphere Client must limit the amount of time that each TCP connection is kept alive.
- VCFL-67-000002 - vSphere Client must limit the number of concurrent connections permitted.
- VCFL-67-000003 - vSphere Client must limit the maximum size of a POST request.
- VCFL-67-000004 - vSphere Client must protect cookies from XSS.
- VCFL-67-000005 - vSphere Client must be configured with FIPS 140-2 compliant ciphers for HTTPS connections.
- VCFL-67-000006 - vSphere Client must be configured to enable SSL/TLS.
- VCFL-67-000007 - vSphere Client must be configured to only communicate over TLS 1.2.
- VCFL-67-000008 - vSphere Client must be configured to use the HTTPS scheme.
- VCFL-67-000009 - vSphere Client must record user access in a format that enables monitoring of remote access.
- VCFL-67-000010 - vSphere Client must generate log records during Java startup and shutdown.
- VCFL-67-000012 - vSphere Client application files must be verified for their integrity.
- VCFL-67-000013 - vSphere Client must have Multipurpose Internet Mail Extensions (MIME) that invoke OS shell programs disabled.
- VCFL-67-000014 - vSphere Client must have mappings set for Java servlet pages.
- VCFL-67-000015 - vSphere Client must not have the Web Distributed Authoring (WebDAV) servlet installed.
- VCFL-67-000016 - vSphere Client must be configured with memory leak protection.
- VCFL-67-000017 - vSphere Client must not have any symbolic links in the web content directory tree.
- VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore.
- VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.
- VCFL-67-000020 - vSphere Client must limit the number of allowed connections.
- VCFL-67-000021 - vSphere Client must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
- VCFL-67-000022 - vSphere Client must set the 'welcome-file' node to a default web page - welcome-file node to a default web page.
- VCFL-67-000023 - vSphere Client must not show directory listings.
- VCFL-67-000024 - vSphere Client must be configured to show error pages with minimal information.
- VCFL-67-000025 - vSphere Client must not enable support for TRACE requests.
- VCFL-67-000026 - vSphere Client must have the debug option turned off.
- VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - access
- VCFL-67-000027 - Rsyslog must be configured to monitor and ship vSphere Client log files - runtime
- VCFL-67-000028 - vSphere Client must be configured with the appropriate ports.
- VCFL-67-000029 - vSphere Client must disable the shutdown port.
- VCFL-67-000030 - vSphere Client must set the secure flag for cookies.
