UCF STIG Viewer Logo

A unique database name and a unique MySQL user with a secure password must be created for use in Jamf Pro EMM.


Overview

Finding ID Version Rule ID IA Controls Severity
V-99601 JAMF-10-100080 SV-108705r1_rule Medium
Description
If the default MySQL database name and password are not changed an adversary could gain unauthorized access to the application which could lead to the compromise of sensitive DoD data. SFR ID: FMT_SMF.1(2)b. / IA-5(1)(c) Satisfies: SRG-APP-000171
STIG Date
Jamf Pro v10.x EMM Security Technical Implementation Guide 2020-02-04

Details

Check Text ( C-98451r1_chk )
Verify a unique database name and a unique MySQL user with a secure password have been created for use in Jamf Pro EMM.

1. Execute the show databases command.
- Ensure at least one database name other than the default databases exits. The default databases are:
infomation_schema
mysql
performance_schema
sys

2. Verify there is a unique MySQL user.
- In MySQL, run select * mysql.user;
- Look for a user that is not Root or one of the other MySQL service accounts.

Both of these steps must be correct.

If a unique database name and a unique MySQL user with a secure password have not been created, this is a finding.
Fix Text (F-105285r1_fix)
Create a unique database name and a unique MySQL user with a secure password. The procedure is found in the following Jamf Knowledge Base article:

https://www.jamf.com/jamf-nation/articles/542/title