MSR telemetry must be disabled.

An XCCDF Rule

Description

<VulnDiscussion>MSR provides a telemetry service that automatically records and transmits data to Mirantis through an encrypted channel for monitoring and analysis purposes. While this channel is secure, it introduces an attack vector and must be disabled.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-260919r966114_rule
Severity: Medium
References: CCI-000381
Updated: 19 days ago

If MSR is not being utilized, this is Not Applicable.

Disable usage and API analytics tracking in MSR.

Log in to the MSR web UI and navigate to System >> General Tab. Scroll to the "Analytics" section.
Click the "Send data" slider to disable this capability.

MSR telemetry must be disabled.

Description

Remediation - Manual Procedure