VMware Modern Apps Community

VCenter 7.0 Photon OS ACAS Scan



Trying to perform vulnerability ACAS Scans (Tenable Nessus product v5.19) on our newly integrated vSphere Vcenter 7.0. Photon OS Server.

I was told that 7.0 does not utilized VMWare Simple Object Access Protocol (SOAP) API, but now uses Representational State Transfer (REST) API. Tenable supports SOAP only.

How can someone obtain a good credential ACAS scan for the vSphere 7.0 VCenter Server now using Photon OS instead of Linux OS as it was previously with 6.7 or 6.5?

0 Kudos
1 Reply


Is Photon OS focussed e.g. docker image scans out of scope ?

For vcsa scans, please consider https://core.vmware.com/compliance-vulnerability-scanning-frequently-asked-questions#what-distributi... . In addition,

Changes made to file permissions or software components without the explicit guidance of VMware Global Support Services are not supported and may affect availability, serviceability, and supportability of your infrastructure. VMware is committed to the security and stability of our products and customers, and if there are issues or concerns, please begin by opening a support case with VMware Global Support Services.

As side impact, guess it has reasons there is no chapter for this in Carbon Black docs, too.

Hence, for vcsa vulnerability scan configuration, better ask this question in https://communities.vmware.com/t5/vCenter/ct-p/2500-home.  See e.g. https://communities.vmware.com/t5/VMware-vCenter-Discussions/Tenable-Credentialed-Scanning/m-p/28946...