CONTAP-364442: Lack of a system-defined MAV rule "security login publickey" allows MAV bypass.
Issue
A compromised admin account may be used to bypass multi-admin verification (MAV) when a second admin account is already configured for SSH application and primary authentication method public key but without a second authentication method or multi factor authentication (MFA).