STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:

The admin password for the McAfee MOVE AV Security Virtual Machine (SVM) must be changed from the default.

DISA Rule

SV-93227r1_rule

Vulnerability Number

V-78521

Group Title

MV45-GEN-000003

Rule Version

MV45-GEN-000003

Severity

CAT I

CCI(s)

• CCI-002418 - The information system protects the confidentiality and/or integrity of transmitted information.

Weight

10

Fix Recommendation

If the McAfee SVM was deployed manually, physically log into the McAfee SVM and change the password from the default.

If the McAfee SVM was deployed with VMware vCNS or VMWare NSX, access the McAfee ePO console.

From the Menu, select Automation >> MOVE AntiVirus Deployment.

Under General >> General Configuration >> SVM Configuration (Agentless Only), populate the "Password" with a unique password. Confirm the password.

Click "Save".

Check Contents

If the McAfee SVM was deployed manually, physically log into the McAfee SVM and confirm password has been changed from default.

If the password has not been changed from the default, this is a finding.

If the McAfee SVM was deployed with VMware vCNS or VMWare NSX, access the McAfee ePO console.

From the Menu, select Automation >> MOVE AntiVirus Deployment.

Under General >> General Configuration >> SVM Configuration (Agentless Only), verify the "Password" shows as configured. It will be masked.

Verify with the System Administrator that the password has been changed from the default password.

If "Password" does not show as configured and has not been changed from the default password, this is a finding.

Vulnerability Number

V-78521

Documentable

False

Rule Version

MV45-GEN-000003

Severity Override Guidance

If the McAfee SVM was deployed manually, physically log into the McAfee SVM and confirm password has been changed from default.

If the password has not been changed from the default, this is a finding.

If the McAfee SVM was deployed with VMware vCNS or VMWare NSX, access the McAfee ePO console.

From the Menu, select Automation >> MOVE AntiVirus Deployment.

Under General >> General Configuration >> SVM Configuration (Agentless Only), verify the "Password" shows as configured. It will be masked.

Verify with the System Administrator that the password has been changed from the default password.

If "Password" does not show as configured and has not been changed from the default password, this is a finding.

Check Content Reference

M

Target Key

3233

Comments