| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL |
| 1.2 Use Dedicated Least Privileged Account for MySQL Daemon/Service | CIS MySQL 5.6 Community Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL |
| 1.4 Verify That the MYSQL_PWD Environment Variable is Not in Use | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 1.6 Verify That 'MYSQL_PWD' Is Not Set In Users' Profiles | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.9 Ensure MySQL is Bound to an IP Address | CIS MySQL 5.6 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.9 Ensure MySQL is Bound to an IP Address | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.11 Ensure MySQL is Bound to an IP Address | CIS MySQL 5.7 Enterprise Database L2 v2.0.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure MySQL is Bound to an IP Address | CIS MySQL 8.0 Community Database L2 v1.1.0 | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure MySQL is Bound to an IP Address | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.14 Ensure MySQL is Bound to an IP Address | CIS Oracle MySQL Enterprise Edition 8.4 v1.0.0 L2 MySQL RDBMS | MySQLDB | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 2.17 Ensure Only Approved Ciphers are Used | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L2 Database | MySQLDB | SYSTEM AND SERVICES ACQUISITION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.6 Enterprise Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.7 Enterprise Linux OS L1 v2.0.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 3.8 Ensure Plugin Directory Has Appropriate Permissions | CIS MySQL 5.6 Community Windows OS L1 v2.0.0 | Windows | ACCESS CONTROL, MEDIA PROTECTION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - /etc/my.cnf | CIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - /etc/mysql/my.cnf | CIS MySQL 5.7 Community Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - /etc/mysql/my.cnf | CIS MySQL 5.7 Enterprise Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.init | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - %WINDIR%\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - %WINDIR%\my.cnf | CIS MySQL 5.6 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - C:\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - C:\my.ini | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - C:\my.ini | CIS MySQL 5.7 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - config files not found | CIS MySQL 5.6 Community Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - does nto exist | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - does nto exist | CIS MySQL 5.7 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Enterprise Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - MYSQL_INSTALL\my.cnf | CIS MySQL 5.7 Community Windows OS L2 v2.0.0 | Windows | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - mysqld start-up | CIS MySQL 5.7 Enterprise Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - mysqld start-up | CIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnf | CIS MySQL 5.6 Enterprise Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 4.3 Ensure 'allow-suspicious-udfs' Is Set to 'OFF' - SYSCONFDIR/my.cnf passed | CIS MySQL 5.7 Community Linux OS L2 v2.0.0 | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
| 5.1 Ensure Only Administrative Users Have Full Database Access | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.2 Ensure 'FILE' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 5.4 Ensure 'SUPER' is Not Granted to Non-Administrative Users | CIS MySQL 8.0 Community Database L1 v1.1.0 | MySQLDB | ACCESS CONTROL |
| 5.4 Ensure 'SUPER' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Community Server 8.4 v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 5.4 Ensure 'SUPER' is Not Granted to Non-Administrative Users | CIS MySQL 8.4 Enterprise v1.0.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 5.4 Ensure 'SUPER' is Not Granted to Non-Administrative Users | CIS Oracle MySQL Enterprise Edition 8.0 v1.4.0 L1 Database | MySQLDB | ACCESS CONTROL |
| 5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative Users | CIS MySQL 5.6 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative Users | CIS MySQL 5.6 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Enterprise Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 5.5 Ensure 'SHUTDOWN' is Not Granted to Non-Administrative Users | CIS MySQL 5.7 Community Database L1 v2.0.0 | MySQLDB | ACCESS CONTROL |
| 6.5 Ensure Audit Logging Is Enabled | CIS MySQL 5.6 Community Database L2 v2.0.0 | MySQLDB | AUDIT AND ACCOUNTABILITY |
| DKER-EE-001810 - On Linux, a non-AUFS storage driver in the Docker Engine - Enterprise component of Docker Enterprise must be used. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
