The use of the MYSQL_PWD environment variable implies the clear text storage of MySQL credentials. NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance. NOTE : Nessus has not performed this query, and this check is only provided for informational purposes.
Solution
Check which users and/or scripts are setting MYSQL_PWD and change them to use a more secure method.