Check: CNTR-MK-000620
Mirantis Kubernetes Engine STIG:
CNTR-MK-000620
(in version v1 r1)
Title
The "Create repository on push" option in MSR must be disabled. (Cat II impact)
Discussion
Allowing repositories to be created on a push can override essential settings and must not be allowed.
Check Content
If MSR is not being utilized, this is Not Applicable. Verify the "Create repository on push" option is disabled in MSR: Log in to the MSR web UI as an administrator and navigate to System >> General Tab >>Repositories Section. Verify the "Create repository on push" slider is turned off. If it is turned on, this is a finding.
Fix Text
If MSR is not being utilized, this is Not Applicable. Verify the "Create repository on push" option is disabled in MSR: Log in to the MSR web UI as an administrator and navigate to System >> General Tab >>Repositories Section. Set the "Create repository on push" slider to off.
Additional Identifiers
Rule ID: SV-260928r966141_rule
Vulnerability ID: V-260928
Group Title: SRG-APP-000141-CTR-000320
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000381 |
The organization configures the information system to provide only essential capabilities. |
Controls
| Number | Title |
|---|---|
| CM-7 |
Least Functionality |