Skip to content

Access Control: Default MySQL Credentials

Identifier: mysql_default_credentials

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

MySQL servers configured with default credentials are vulnerable to unauthorized access, potentially leading to data breaches and system compromise.

How we test: We attempt to authenticate to MySQL servers using common default username and password combinations. If authentication succeeds, we report the vulnerability and verify if default credentials are still in use.

Configuration

Example

Example configuration:

---
security_tests:
  mysql_default_credentials:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.