STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Jamf Pro v10.x EMM Security Technical Implementation Guide

V-241799

CAT II (Medium)

The default mysql_secure_installation must be installed.

Rule ID

SV-241799r971326_rule

STIG

Jamf Pro v10.x EMM Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-001762

Discussion

The mysql_secure_installation configuration of MySQL adds several important configuration settings that block several attack vectors. The My SQL application could be exploited by an adversary without mysql_secure_installation. SFR ID: FMT_SMF.1(2)b. / CM-7(1)(b) Satisfies: SRG-APP-000383

Check Content

Verify the mysql_secure_installation has been installed on the Jamf host server. 

1. Log in to MySQL. Execute the "show databases;" command.
- Verify that the database named "Test" is not shown in output of the command.

2. Verify the root account has a string representing the password and not a blank value.
- select * from mysql.user;

3. Verify the anonymous users have been removed and verify the user field contains a user name.
- select * from mysql.user;

All three steps must be correct to indicate mysql_secure_installation has been executed.

If the mysql_secure_installation has not been installed on the Jamf host server, this is a finding.

Fix Text

Install the mysql_secure_installation. 

1. Install MySQL.
2. Using the Jamf Pro Security Recommendations document, go to the path based on the host operating system and execute the appropriate mysql_secure_installation script.