STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to VMware Horizon 7.13 Connection Server Security Technical Implementation Guide

V-246895

CAT II (Medium)

The Horizon Connection Server must protect log files from unauthorized access.

Rule ID

SV-246895r879656_rule

STIG

VMware Horizon 7.13 Connection Server Security Technical Implementation Guide

Version

V1R2

CCIs

CCI-001314

Discussion

Error logs can contain sensitive information about system errors and system architecture that need to be protected from unauthorized access and modification. By default, Horizon Connection Server logs are only accessible by local windows Administrators. This configuration must be verified and maintained.

Check Content

On the Horizon Connection Server, navigate to "C:\ProgramData\VMware\VDM". Right-click the "logs" folder and select "Properties". Change to the "Security" tab. By default, only built-in system accounts such as "SYSTEM" and "NETWORK SERVICE" plus the local "Administrators" group have access to the "logs" folder.

If any other groups have any permissions on this folder, this is a finding.

Fix Text

On the Horizon Connection Server, navigate to "C:\ProgramData\VMware\VDM". Right-click the "logs" folder and select "Properties". Change to the "Security" tab. Click "Edit…". Highlight any groups or users that are not built-in system administrative accounts or the local "Administrators" group. Click "Remove". Click "OK". Click "OK".