Documentation - V-235116

V-235116

Oracle MySQL 8.0 Security Technical Implementation Guide

CAT II

Title

The MySQL Database Server 8.0 must generate audit records when unsuccessful attempts to modify security objects occur.

Description

<VulnDiscussion>Changes in the database objects (tables, views, procedures, functions) that record and control permissions, privileges, and roles granted to users and roles must be tracked. Without an audit trail, unauthorized changes to the security subsystem could go undetected. The database could be severely compromised or rendered inoperative. To aid in diagnosis, it is necessary to keep track of failed attempts in addition to the successful ones.</VulnDiscussion><FalsePositives></FalsePosi...

Fix Text (Documentation Requirement)

If currently required, configure the MySQL Database Server to produce audit records when unsuccessful attempts to modify security objects occur. See the supplemental file "MySQL80Audit.sql".

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel