
Information Disclosure: Exposed MySQL Config

Identifier: exposed_mysql_config

Scanner(s) Support

GraphQL Scanner, REST Scanner, WebApp Scanner

Description

When a MySQL configuration file is accidentally made public, anyone can read the sensitive details it holds, such as usernames, passwords, and connection information. Attackers can use this exposure to break into your database, steal data, or find other ways to compromise your system. It usually happens when developers leave these files with loose permissions or mistakenly keep them in public folders during setup or debugging. The risks include unauthorized access and potential data breaches, so it's crucial to properly secure these files to avoid giving attackers an easy entry point.
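
A local audit for the two causes named above (loose permissions and files left in public folders), as an added example that is not part of the scanner or the original page: it walks a web document root, flags MySQL option files by common file name, and reports each file's mode and which credential or connection keys it contains. The file-name list, the key list, and the web root built in `demo()` are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# File names commonly used for MySQL option files (assumed list, extend as needed).
MYSQL_CONFIG_NAMES = {"my.cnf", ".my.cnf", "my.ini", ".mylogin.cnf"}
# Option keys that carry credentials or connection details.
SENSITIVE_KEY = re.compile(r"^\s*(user|password|host|port|socket)\s*=", re.I)


def sensitive_keys(path):
    """Return the sorted sensitive option names present in an option file."""
    found = set()
    with open(path, "r", errors="replace") as fh:
        for line in fh:
            m = SENSITIVE_KEY.match(line)
            if m:
                found.add(m.group(1).lower())
    return sorted(found)


def audit_webroot(webroot):
    """Walk a web document root and report MySQL option files found inside it."""
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            if name.lower() not in MYSQL_CONFIG_NAMES:
                continue
            path = os.path.join(dirpath, name)
            mode = stat.S_IMODE(os.stat(path).st_mode)
            findings.append({
                "path": os.path.relpath(path, webroot),
                "mode": oct(mode),
                "world_readable": bool(mode & stat.S_IROTH),
                "sensitive_keys": sensitive_keys(path),
            })
    return findings


def demo():
    """Build a constructed web root with one misplaced option file and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "backup"))
        cfg = os.path.join(root, "backup", "my.cnf")
        with open(cfg, "w") as fh:
            fh.write("[client]\nuser=app\npassword=constructed-example\nhost=127.0.0.1\n")
        os.chmod(cfg, 0o644)
        return audit_webroot(root)
```

Any finding returned by `audit_webroot()` means an option file sits inside the served directory tree and should be moved out of it; `world_readable` and `sensitive_keys` indicate how urgent the cleanup and credential rotation are.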

Configuration

Example

Example configuration:

---
security_tests:
  exposed_mysql_config:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.