Separate MySQL user accounts with limited privileges must be created within Jamf Pro EMM.
An XCCDF Rule
Description
<VulnDiscussion>If separate MySQL accounts with limited privileges are not created an adversary could gain unauthorized access to the application or gain access unauthorized features which could lead to the compromise of sensitive DoD data. SFR ID: FMT_SMF.1(2)b. / CM-6 b Satisfies: SRG-APP-000516</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-241801r879887_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Create separate MySQL user accounts with limited privileges within Jamf Pro EMM.
The procedures for creating user accounts and assigning account privileges are found in the following Jamf Knowledge Base articles:
MySQL 8.0: https://dev.mysql.com/doc/refman/8.0/en/creating-accounts.html
MySQL 5.7: https://dev.mysql.com/doc/refman/5.7/en/creating-accounts.html