Check: CNTR-MK-000500
Mirantis Kubernetes Engine STIG: CNTR-MK-000500 (in versions v2 r1 through v1 r1)
Title
MKE telemetry must be disabled. (Cat II impact)
Discussion
MKE provides a telemetry service that automatically records and transmits data to Mirantis through an encrypted channel for monitoring and analysis purposes. While this channel is secure, it introduces an attack vector and must be disabled.
Check Content
Verify that usage and API analytics tracking is disabled in MKE. Log in to the MKE web UI and navigate to admin >> Admin Settings >> Usage. Verify the "Enable hourly usage reporting" and "Enable API and UI tracking" options are both unchecked. If either box is checked, this is a finding.
Fix Text
Disable usage and API analytics tracking in MKE. Log in to the MKE web UI and navigate to admin >> Admin Settings >> Usage. Uncheck both the "Enable hourly usage reporting" and "Enable API and UI tracking" options. Click "Save".
Additional Identifiers
Rule ID: SV-260918r966111_rule
Vulnerability ID: V-260918
Group Title: SRG-APP-000141-CTR-000315
CCIs
Number | Definition |
---|---|
CCI-000381 | Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 | Least Functionality |