STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Jamf Pro v10.x EMM Security Technical Implementation Guide

V-241800

CAT II (Medium)

A unique database name and a unique MySQL user with a secure password must be created for use in Jamf Pro EMM.

Rule ID

SV-241800r985839_rule

STIG

Jamf Pro v10.x EMM Security Technical Implementation Guide

Version

V3R1

CCIs

CCI-004062

Discussion

If the default MySQL database name and password are not changed an adversary could gain unauthorized access to the application which could lead to the compromise of sensitive DOD data. SFR ID: FMT_SMF.1(2)b. / IA-5(1)(c) Satisfies: SRG-APP-000171

Check Content

Verify a unique database name and a unique MySQL user with a secure password have been created for use in Jamf Pro EMM.

1. Execute the show databases command.
- Ensure at least one database name other than the default databases exits. The default databases are:
infomation_schema
mysql
performance_schema
sys

2. Verify there is a unique MySQL user.
- In MySQL, run select * mysql.user;
- Look for a user that is not Root or one of the other MySQL service accounts.

Both of these steps must be correct.

If a unique database name and a unique MySQL user with a secure password have not been created, this is a finding.

Fix Text

Create a unique database name and a unique MySQL user with a secure password. The procedure is found in the following Jamf Knowledge Base article:

https://www.jamf.com/jamf-nation/articles/542/title