STIGQter STIGQter: STIG Summary: Oracle MySQL 8.0 Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Jan 2021:

The MySQL Database Server 8.0 must associate organization-defined types of security labels having organization-defined security label values with information in storage.

DISA Rule

SV-235182r638812_rule

Vulnerability Number

V-235182

Group Title

SRG-APP-000311-DB-000308

Rule Version

MYS8-00-010800

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Deploy MySQL Views and Stored Procedures or a third-party software, or add custom data structures, data elements, and application code, to provide reliable security labeling of information in storage.

Check Contents

If security labeling is not required, this is not a finding.

For data that have been labeled with a column indicating data is classified read-only views can be created and secured via access privileges such that a user can only view the data that have a specific tag or tags (e.g., user [x] can only view records that are labeled with the tag of classified).

If security labeling requirements have been specified, but neither a third-party solution nor a MySQL Views and Stored Procedures are used to implement row level security solution is implemented that reliably maintains labels on information in storage, this is a finding.

Vulnerability Number

V-235182

Documentable

False

Rule Version

MYS8-00-010800

Severity Override Guidance

If security labeling is not required, this is not a finding.

For data that have been labeled with a column indicating data is classified read-only views can be created and secured via access privileges such that a user can only view the data that have a specific tag or tags (e.g., user [x] can only view records that are labeled with the tag of classified).

If security labeling requirements have been specified, but neither a third-party solution nor a MySQL Views and Stored Procedures are used to implement row level security solution is implemented that reliably maintains labels on information in storage, this is a finding.

Check Content Reference

M

Target Key

5277

Comments