STIGQter: STIG Summary: Oracle MySQL 8.0 Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

The MySQL Database Server 8.0 must protect its audit features from unauthorized access.

DISA Rule

SV-235160r638812_rule

Vulnerability Number

V-235160

Group Title

SRG-APP-000121-DB-000202

Rule Version

MYS8-00-008000

Severity

CAT II

CCI(s)

• CCI-001493 - The information system protects audit tools from unauthorized access.

Weight

10

Fix Recommendation

Remove audit-related permissions from individuals and roles not authorized to have them.

REVOKE AUDIT_ADMIN on *.* FROM <user>;

Check Contents

Check users with permissions to administer MySQL Auditing.

select * from information_schema.user_privileges where privilege_type = 'AUDIT_ADMIN';

If unauthorized accounts have these the AUDIT_ADMIN privilege, this is a finding.

Vulnerability Number

V-235160

Documentable

False

Rule Version

MYS8-00-008000

Severity Override Guidance

Check users with permissions to administer MySQL Auditing.

select * from information_schema.user_privileges where privilege_type = 'AUDIT_ADMIN';

If unauthorized accounts have these the AUDIT_ADMIN privilege, this is a finding.

Check Content Reference

M

Target Key

5277

Comments