UCF STIG Viewer Logo

VMware vSphere 6.7 PostgreSQL Security Technical Implementation Guide


Date Finding Count (20)
2021-04-15 CAT I (High): 4 CAT II (Med): 16 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles

Findings (MAC III - Administrative Sensitive)

Finding ID Severity Title
V-239207 High VMware Postgres must use FIPS 140-2 approved TLS ciphers.
V-239205 High VMware Postgres must be configured to use TLS.
V-239206 High VMware Postgres must enforce authorized access to all PKI private keys.
V-239204 High VMware Postgres must require authentication on all connections.
V-239209 Medium VMware Postgres must not allow schema access to unauthorized accounts.
V-239208 Medium VMware Postgres must write log entries to disk prior to returning operation success or failure.
V-239203 Medium VMware Postgres must be configured to use the correct port.
V-239202 Medium VMware Postgres must limit modify privileges to authorized accounts.
V-239212 Medium VMware Postgres must have log collection enabled.
V-239200 Medium VMware Postgres database must protect log files from unauthorized access and modification.
V-239215 Medium VMware Postgres must use Coordinated Universal Time (UTC) for log timestamps.
V-239213 Medium VMware Postgres must be configured to log to stderr.
V-239199 Medium VMware Postgres must be configured to overwrite older logs when necessary.
V-239198 Medium VMware Postgres configuration files must not be accessible by unauthorized users.
V-239216 Medium VMware Postgres must set client-side character encoding to UTF-8.
V-239211 Medium VMware Postgres must provide non-privileged users with minimal error information.
V-239214 Medium Rsyslog must be configured to monitor VMware Postgres logs.
V-239197 Medium VMware Postgres log files must contain required fields.
V-239201 Medium All VCDB tables must be owned by the "vc" user account.
V-239196 Medium VMware Postgres must limit the number of connections.