The default mysql_secure_installation must be installed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-99599 | JAMF-10-100060 | SV-108703r1_rule | Medium |
| Description |
|---|
| The mysql_secure_installation configuration of MySQL adds several important configuration settings that block several attack vectors. The My SQL application could be exploited by an adversary without mysql_secure_installation. SFR ID: FMT_SMF.1(2)b. / CM-7(1)(b) Satisfies: SRG-APP-000383 |
| STIG | Date |
|---|---|
| Jamf Pro v10.x EMM Security Technical Implementation Guide | 2020-02-04 |
Details
| Check Text ( C-98449r1_chk ) |
|---|
| Verify the mysql_secure_installation has been installed on the Jamf host server. 1. Log in to MySQL. Execute the "show databases;" command. - Verify that the database named "Test" is not shown in output of the command. 2. Verify the root account has a string representing the password and not a blank value. - select * from mysql.user; 3. Verify the anonymous users have been removed and verify the user field contains a user name. - select * from mysql.user; All three steps must be correct to indicate mysql_secure_installation has been executed. If the mysql_secure_installation has not been installed on the Jamf host server, this is a finding. |
| Fix Text (F-105283r1_fix) |
|---|
| Install the mysql_secure_installation. 1. Install MySQL. 2. Using the Jamf Pro Security Recommendations document, go to the path based on the host operating system and execute the appropriate mysql_secure_installation script. |