Cannot connect to ESXi Target for Assessment

Product Name

CIS-CAT Pro Assessor

Product Version

v4+

Date

Sep 15, 2021

Problem

I am trying to run an assessment on a ESXi Host - we are able to connect to the ESXi host and testing the connection works. However, we are not able to continue with the assessment thereafter. Error received is as follows: "An error occurred creating the session for xxx@x.x.x.x:22. Ensure all session configuration information is correct."

Solution

The connection string CIS uses for ESXi Assessments is validated as an anyURI. This is likely why the connection will work when Testing the Connection via the GUI, but fails to execute the actual scan. The reason for this may come down to the Password being used into ESXi string. This is the example provided in the VMware ESXi Assessment | CIS-CAT Pro Assessor v4 User Guide root/qu3rty@192.168.41.60

anyURI has the following rules about it:

Invalid values for anyURI examples:

http://datypic.com#frag1#frag2 - too many # characters
http://datypic.com#f% - rag - % character followed by something other than two hexadecimal digits

The above and more can be found at: XML Schema 1.0 xsd:anyURI - Complete documentation and samples

At this time we are reviewing if it is possible to circumvent these password limitations.

Keywords;

Content by Label

Page:

Feature Enhancement Requests for CIS Products

Center for Internet Security®

Privacy Policy