Details

With raw logging of passwords enabled someone with access to the log files might see plain text passwords.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Perform the following actions to remediate this setting: Open the MySQL configuration file (my.cnf) Find the log-raw entry and set it as follows log-raw = OFF

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/1619

This control applies to the following type of system Windows.

Source

• Tenable.com/audits