The managed object browser (MOB) provides a way to explore the VMkernel object model. It is used primarily for debugging the vSphere Web Services SDK. Because the managed object browser also lets you change the host configuration, attackers can use this interface to perform malicious configuration changes or actions.

Procedure

  1. Connect directly to the host using the ESXi Shell.
  2. (Optional) Determine whether the managed object browser (MOB) is enabled by running the following command.

    vim-cmd proxysvc/service_list

    If the service is running, the following text appears in the list of services:

    ...
    serverNamespace = '/mob',
    accessMode = "httpsWithRedirect",
    pipeName = "/var/run/vmware/proxy-mob",
    ...

  3. Disable the service by running the following command.

    vim-cmd proxysvc/remove_service "/mob" "httpsWithRedirect"

    Changes are effective immediately and persist across reboots.

Results

The managed object browser is no longer available for diagnostics. Some third-party tools use this interface to gather information.

What to do next

After you disable the managed object browser, perform tests to verify that third-party applications still function as expected.

To reenable the service, run the following command.

    vim-cmd proxysvc/add_np_service "/mob" httpsWithRedirect /var/run/vmware/proxy-mob
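
The check in step 2 and the re-enable command above can be combined into a small audit helper that matches the `/mob` entry exactly and records how to restore it before removal. This is an added example, not part of the VMware procedure: the function names `mob_entry`, `mob_audit` and `sample_list` are hypothetical, the `/example` entry in the sample input is constructed, and the parser assumes that each service entry lists `serverNamespace` before `accessMode` and `pipeName`, as in the excerpt in step 2.

```shell
#!/bin/sh
# Added example, not VMware code. Assumption: in each service entry printed by
# `vim-cmd proxysvc/service_list`, serverNamespace comes before accessMode
# and pipeName, as in the excerpt in step 2.

# Reads service_list output on stdin. If a '/mob' entry exists, prints
# "<accessMode> <pipeName>" and returns 0; otherwise returns 1.
mob_entry() {
    # Drop quotes, commas and CRs so each line splits as: key = value
    tr -d "\"',\r" | awk '
        $1 == "serverNamespace"             { ns = $3 }
        $1 == "accessMode" && ns == "/mob"  { mode = $3 }
        $1 == "pipeName"   && ns == "/mob"  { pipe = $3 }
        END { if (mode == "" || pipe == "") exit 1; print mode, pipe }
    '
}

# Audit verdict: returns 0 when the MOB is absent, 1 when it is registered.
# When registered, also prints the command that restores this exact entry,
# so it can be recorded before running remove_service.
mob_audit() {
    if entry=$(mob_entry); then
        set -- $entry
        echo "FINDING: /mob registered (accessMode=$1 pipeName=$2)"
        echo "restore: vim-cmd proxysvc/add_np_service \"/mob\" $1 $2"
        return 1
    fi
    echo "OK: /mob not registered"
}

# Constructed sample input; the '/example' entry is hypothetical.
sample_list() {
    cat <<'EOF'
    serverNamespace = '/example',
    accessMode = "httpsOnly",
    pipeName = "/var/run/example/pipe",
    serverNamespace = '/mob',
    accessMode = "httpsWithRedirect",
    pipeName = "/var/run/vmware/proxy-mob",
EOF
}

# On the host: vim-cmd proxysvc/service_list | mob_audit
```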