|Finding ID||Version||Rule ID||IA Controls||Severity|
|If the default MySQL database name and password are not changed an adversary could gain unauthorized access to the application which could lead to the compromise of sensitive DoD data. SFR ID: FMT_SMF.1(2)b. / IA-5(1)(c) Satisfies: SRG-APP-000171|
|Jamf Pro v10.x EMM Security Technical Implementation Guide||2020-02-04|
|Check Text ( C-98451r1_chk )|
| Verify a unique database name and a unique MySQL user with a secure password have been created for use in Jamf Pro EMM. |
1. Execute the show databases command.
- Ensure at least one database name other than the default databases exits. The default databases are:
2. Verify there is a unique MySQL user.
- In MySQL, run select * mysql.user;
- Look for a user that is not Root or one of the other MySQL service accounts.
Both of these steps must be correct.
If a unique database name and a unique MySQL user with a secure password have not been created, this is a finding.
|Fix Text (F-105285r1_fix)|
| Create a unique database name and a unique MySQL user with a secure password. The procedure is found in the following Jamf Knowledge Base article: |