An error occurred:

Check: CNTR-MK-000510

Mirantis Kubernetes Engine STIG: CNTR-MK-000510 (in versions v2 r1 through v1 r1)

Title

MSR telemetry must be disabled. (Cat II impact)

Discussion

MSR provides a telemetry service that automatically records and transmits data to Mirantis through an encrypted channel for monitoring and analysis purposes. While this channel is secure, it introduces an attack vector and must be disabled.

Check Content

If MSR is not being utilized, this is Not Applicable. Verify that usage and API analytics tracking is disabled in MSR. Log in to the MSR web UI and navigate to System >> General Tab. Scroll to the "Analytics" section. If the "Send data" option is enabled, this is a finding.

Fix Text

If MSR is not being utilized, this is Not Applicable. Disable usage and API analytics tracking in MSR. Log in to the MSR web UI and navigate to System >> General Tab. Scroll to the "Analytics" section. Click the "Send data" slider to disable this capability.

Additional Identifiers

Rule ID: SV-260919r966114_rule

Vulnerability ID: V-260919

Group Title: SRG-APP-000141-CTR-000315

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000381

Configure the system to provide only organization-defined mission essential capabilities.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
CM-7

Least Functionality