UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

VMware vSphere 6.7 PostgreSQL Security Technical Implementation Guide


Overview

Date Finding Count (22)
2021-03-18 CAT I (High): 4 CAT II (Med): 18 CAT III (Low): 0
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Classified)

Finding ID Severity Title
V-239207 High VMware Postgres must use FIPS 140-2 approved TLS ciphers.
V-239206 High VMware Postgres must enforce authorized access to all PKI private keys.
V-239205 High VMware Postgres must be configured to use TLS.
V-239204 High VMware Postgres must require authentication on all connections.
V-239210 Medium Data from the vPostgres database must be protected from unauthorized transfer.
V-239211 Medium VMware Postgres must provide non-privileged users with minimal error information.
V-239212 Medium VMware Postgres must have log collection enabled.
V-239213 Medium VMware Postgres must be configured to log to stderr.
V-239214 Medium Rsyslog must be configured to monitor VMware Postgres logs.
V-239215 Medium VMware Postgres must use Coordinated Universal Time (UTC) for log timestamps.
V-239216 Medium VMware Postgres must set client-side character encoding to UTF-8.
V-239217 Medium The vPostgres database security updates and patches must be installed in a timely manner in accordance with site policy.
V-239209 Medium VMware Postgres must not allow schema access to unauthorized accounts.
V-239208 Medium VMware Postgres must write log entries to disk prior to returning operation success or failure.
V-239203 Medium VMware Postgres must be configured to use the correct port.
V-239202 Medium VMware Postgres must limit modify privileges to authorized accounts.
V-239201 Medium All VCDB tables must be owned by the "vc" user account.
V-239200 Medium VMware Postgres database must protect log files from unauthorized access and modification.
V-239199 Medium VMware Postgres must be configured to overwrite older logs when necessary.
V-239198 Medium VMware Postgres configuration files must not be accessible by unauthorized users.
V-239197 Medium VMware Postgres log files must contain required fields.
V-239196 Medium VMware Postgres must limit the number of connections.