A unique database name and a unique MySQL user with a secure password must be created for use in Jamf Pro EMM.

Severity	Group ID	Group Title	Version	Rule ID	Date	STIG Version
medium	V-241800	PP-MDM-991000	JAMF-10-100080	SV-241800r1015735_rule	2024-08-27	3

Description
If the default MySQL database name and password are not changed an adversary could gain unauthorized access to the application which could lead to the compromise of sensitive DOD data. SFR ID: FMT_SMF.1(2)b. / IA-5(1)(c) Satisfies: SRG-APP-000171

ℹ️ Check
Verify a unique database name and a unique MySQL user with a secure password have been created for use in Jamf Pro EMM. 1. Execute the show databases command. - Ensure at least one database name other than the default databases exits. The default databases are: infomation_schema mysql performance_schema sys 2. Verify there is a unique MySQL user. - In MySQL, run select * mysql.user; - Look for a user that is not Root or one of the other MySQL service accounts. Both of these steps must be correct. If a unique database name and a unique MySQL user with a secure password have not been created, this is a finding.

ℹ️ Check

Verify a unique database name and a unique MySQL user with a secure password have been created for use in Jamf Pro EMM. 1. Execute the show databases command. - Ensure at least one database name other than the default databases exits. The default databases are: infomation_schema mysql performance_schema sys 2. Verify there is a unique MySQL user. - In MySQL, run select * mysql.user; - Look for a user that is not Root or one of the other MySQL service accounts. Both of these steps must be correct. If a unique database name and a unique MySQL user with a secure password have not been created, this is a finding.

✔️ Fix
Create a unique database name and a unique MySQL user with a secure password. The procedure is found in the following Jamf Knowledge Base article: https://www.jamf.com/jamf-nation/articles/542/title