6.4 Ensure 'log-raw' Is Set to 'OFF' - %PROGRAMDATA%\MySQL\MySQL Server 5.7\my.ini Exists - Doesn't exist

Information

With raw logging of passwords enabled someone with access to the log files might see plain text passwords.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Perform the following actions to remediate this setting: Open the MySQL configuration file (my.cnf) Find the log-raw entry and set it as follows log-raw = OFF

See Also

https://workbench.cisecurity.org/files/1619