UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide


Overview

Date Finding Count (69)
2023-09-20 CAT I (High): 6 CAT II (Med): 62 CAT III (Low): 1
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DOD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC III - Administrative Classified)

Finding ID Severity Title
V-240311 High The vRA PostgreSQL database security updates and patches must be installed in a timely manner in accordance with site policy.
V-240335 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-240334 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-258453 High The version of vRealize Automation 7.x PostgreSQL running on the system must be a supported version.
V-240339 High The DBMS must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.
V-240336 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-240319 Medium The DBMS must generate audit records when unsuccessful attempts to modify security objects occur.
V-240318 Medium The DBMS must generate audit records when security objects are modified.
V-240315 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240314 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240317 Medium The DBMS must generate audit records when unsuccessful attempts to modify privileges/permissions occur.
V-240316 Medium The DBMS must generate audit records when privileges/permissions are modified.
V-240310 Medium vRA PostgreSQL database must be configured to validate character encoding to UTF-8.
V-240313 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240312 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240298 Medium The vRA PostgreSQL database must use md5 for authentication.
V-240299 Medium The vRA PostgreSQL database must be configured to use ssl.
V-240333 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240332 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240331 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240330 Medium The vRA PostgreSQL database must set log_connections to on.
V-240290 Medium The vRA PostgreSQL database must have the correct group-ownership on the log files.
V-240291 Medium The vRA PostgreSQL configuration files must have the correct permissions.
V-240292 Medium The vRA PostgreSQL configuration files must have the correct ownership.
V-240293 Medium The vRA PostgreSQL configuration files must have the correct group-ownership.
V-240294 Medium vRA PostgreSQL database objects must only be accessible to the postgres account.
V-240295 Medium The vRA PostgreSQL database must limit modify privileges to authorized accounts.
V-240296 Medium The vRA PostgreSQL database must not contain sample data.
V-240297 Medium The vRA PostgreSQL database must be limited to authorized accounts.
V-240285 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240286 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240338 Medium vRA PostgreSQL must have the latest approved security-relevant software updates installed.
V-240308 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240309 Medium The DBMS must enforce access restrictions associated with changes to the configuration of the DBMS or database(s).
V-240302 Medium Data from the vRA PostgreSQL database must be protected from unauthorized transfer.
V-240303 Medium The vRA PostgreSQL error file must be protected from unauthorized access.
V-240300 Medium The vRA PostgreSQL database must complete writing log entries prior to returning results.
V-240301 Medium The vRA PostgreSQL must not allow access to unauthorized accounts.
V-240306 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-240307 Medium The vRA PostgreSQL database must use UTC for log timestamps.
V-240304 Medium The vRA PostgreSQL database must have log collection enabled.
V-240305 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-240324 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240325 Medium The vRA PostgreSQL database must set log_connections to on.
V-240289 Medium The vRA PostgreSQL database must have the correct ownership on the log files.
V-240288 Medium The vRA PostgreSQL database must have the correct permissions on the log files.
V-240320 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240321 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240322 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240323 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240283 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240282 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240281 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240280 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240328 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240329 Medium The vRA PostgreSQL database must set log_connections to on.
V-240340 Medium vRA Postgres must be configured to use the correct port.
V-240341 Medium The vRA PostgreSQL database must have log collection enabled.
V-240337 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-240343 Medium vRA PostgreSQL must limit the number of connections.
V-240326 Medium The vRA PostgreSQL database must set the log_min_messages to warning.
V-240284 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240342 Medium vRA Postgres must be configured to use the correct port.
V-240327 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240276 Medium vRA PostgreSQL database log file data must contain required data elements.
V-240277 Medium The vRA PostgreSQL configuration file must not be accessible by unauthorized users.
V-240278 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240279 Medium The vRA PostgreSQL database must set the log_statement to all.
V-240287 Low vRA PostgreSQL database must have log_truncate_on_rotation enabled.