UCF STIG Viewer Logo

VMW vRealize Automation 7.x PostgreSQL Security Technical Implementation Guide


Overview

Date Finding Count (69)
2018-10-12 CAT I (High): 5 CAT II (Med): 63 CAT III (Low): 1
STIG Description
This Security Technical Implementation Guide is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements are derived from the National Institute of Standards and Technology (NIST) 800-53 and related documents. Comments or proposed revisions to this document should be sent via email to the following address: disa.stig_spt@mail.mil.

Available Profiles



Findings (MAC I - Mission Critical Public)

Finding ID Severity Title
V-89445 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-89447 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-89449 High The vRA PostgreSQL database must use FIPS 140-2 ciphers.
V-89399 High The vRA PostgreSQL database security updates and patches must be installed in a timely manner in accordance with site policy.
V-89455 High The DBMS must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.
V-89441 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89407 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89425 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89387 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-89345 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89365 Medium vRA PostgreSQL database objects must only be accessible to the postgres account.
V-89355 Medium The vRA PostgreSQL database must have the correct ownership on the log files.
V-89409 Medium The DBMS must generate audit records when privileges/permissions are modified.
V-89357 Medium The vRA PostgreSQL database must have the correct group-ownership on the log files.
V-89385 Medium The vRA PostgreSQL database must have log collection enabled.
V-89339 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89353 Medium The vRA PostgreSQL database must have the correct permissions on the log files.
V-89391 Medium The vRA PostgreSQL database must use UTC for log timestamps.
V-89393 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89359 Medium The vRA PostgreSQL configuration files must have the correct permissions.
V-89461 Medium vRA Postgres must be configured to use the correct port.
V-89397 Medium vRA PostgreSQL database must be configured to validate character encoding to UTF-8.
V-89383 Medium The vRA PostgreSQL error file must be protected from unauthorized access.
V-89337 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89335 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89349 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89333 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89443 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89331 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89373 Medium The vRA PostgreSQL database must use md5 for authentication.
V-89395 Medium The DBMS must enforce access restrictions associated with changes to the configuration of the DBMS or database(s).
V-89371 Medium The vRA PostgreSQL database must be limited to authorized accounts.
V-89381 Medium Data from the vRA PostgreSQL database must be protected from unauthorized transfer.
V-89377 Medium The vRA PostgreSQL database must complete writing log entries prior to returning results.
V-89375 Medium The vRA PostgreSQL database must be configured to use ssl.
V-89439 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89429 Medium The vRA PostgreSQL database must set the log_min_messages to warning.
V-89369 Medium The vRA PostgreSQL database must not contain sample data.
V-89453 Medium vRA PostgreSQL must have the latest approved security-relevant software updates installed.
V-89451 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-89457 Medium vRA Postgres must be configured to use the correct port.
V-89459 Medium The vRA PostgreSQL database must have log collection enabled.
V-89379 Medium The vRA PostgreSQL must not allow access to unauthorized accounts.
V-89389 Medium The vRA PostgreSQL database must be configured to use a syslog facility.
V-89343 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89341 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89347 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89419 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89417 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89415 Medium The DBMS must generate audit records when unsuccessful attempts to modify security objects occur.
V-89329 Medium The vRA PostgreSQL configuration file must not be accessible by unauthorized users.
V-89413 Medium The DBMS must generate audit records when security objects are modified.
V-89433 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89411 Medium The DBMS must generate audit records when unsuccessful attempts to modify privileges/permissions occur.
V-89427 Medium The vRA PostgreSQL database must set log_connections to on.
V-89327 Medium vRA PostgreSQL database log file data must contain required data elements.
V-89405 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89435 Medium The vRA PostgreSQL database must set log_connections to on.
V-89361 Medium The vRA PostgreSQL configuration files must have the correct ownership.
V-89363 Medium The vRA PostgreSQL configuration files must have the correct group-ownership.
V-89403 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89401 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89367 Medium The vRA PostgreSQL database must limit modify privileges to authorized accounts.
V-89437 Medium The vRA PostgreSQL database must set log_connections to on.
V-89463 Medium vRA PostgreSQL must limit the number of connections.
V-89423 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89421 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89431 Medium The vRA PostgreSQL database must set the log_statement to all.
V-89351 Low vRA PostgreSQL database must have log_truncate_on_rotation enabled.