STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Unused database components which are integrated in the EDB Postgres Advanced Server and cannot be uninstalled must be disabled.

DISA Rule

SV-213593r508024_rule

Vulnerability Number

V-213593

Group Title

SRG-APP-000141-DB-000092

Rule Version

PPS9-00-003900

Severity

CAT II

CCI(s)

CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

Fix Recommendation

Review the EDB PPAS packages available in the installation guide here:

http://www.enterprisedb.com/docs/en/9.5/instguide/Postgres_Plus_Advanced_Server_Installation_Guide.1.14.html#

Uninstall any unneeded packages by running the following as root:

yum erase -y <package-name>

At a minimum, the ppas94-server-* packages are required, but other packages such as jdbc, postgis, pgpool and others may be required by applications that need the functionality provided in these additional packages

Check Contents

Run the following command as root:

yum list installed | grep ppas

If any packages are installed that are not needed, this is a finding.

Vulnerability Number

V-213593

Documentable

False

Rule Version

PPS9-00-003900

Severity Override Guidance

Run the following command as root:

yum list installed | grep ppas

If any packages are installed that are not needed, this is a finding.

Check Content Reference

Target Key

3988

Unused database components which are integrated in the EDB Postgres Advanced Server and cannot be uninstalled must be disabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments