Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-78521 | MV45-GEN-000003 | SV-93227r1_rule | High |
Description |
---|
The preconfigured Security Virtual Appliance (SVA) comes with a default password for the "SVAadmin" account. This account has root privileges to the Linux operating system of the appliance. By not changing the password from the default, the appliance will be subject to access by unauthorized individuals. |
STIG | Date |
---|---|
McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide | 2018-07-09 |
Check Text ( C-78083r1_chk ) |
---|
If the McAfee SVM was deployed manually, physically log into the McAfee SVM and confirm password has been changed from default. If the password has not been changed from the default, this is a finding. If the McAfee SVM was deployed with VMware vCNS or VMWare NSX, access the McAfee ePO console. From the Menu, select Automation >> MOVE AntiVirus Deployment. Under General >> General Configuration >> SVM Configuration (Agentless Only), verify the "Password" shows as configured. It will be masked. Verify with the System Administrator that the password has been changed from the default password. If "Password" does not show as configured and has not been changed from the default password, this is a finding. |
Fix Text (F-85255r1_fix) |
---|
If the McAfee SVM was deployed manually, physically log into the McAfee SVM and change the password from the default. If the McAfee SVM was deployed with VMware vCNS or VMWare NSX, access the McAfee ePO console. From the Menu, select Automation >> MOVE AntiVirus Deployment. Under General >> General Configuration >> SVM Configuration (Agentless Only), populate the "Password" with a unique password. Confirm the password. Click "Save". |