STIGQter: STIG Summary: EDB Postgres Advanced Server Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

The EDB Postgres Advanced Server must associate organization-defined types of security labels having organization-defined security label values with information in transmission.

DISA Rule

SV-213616r508024_rule

Vulnerability Number

V-213616

Group Title

SRG-APP-000314-DB-000310

Rule Version

PPS9-00-007100

Severity

CAT II

CCI(s)

• CCI-002264 - The organization provides the means to associate organization-defined types of security attributes having organization-defined security attribute values with information in transmission.

Weight

10

Fix Recommendation

Create a row-level policy for all required tables as defined here:

http://www.enterprisedb.com/docs/en/9.5/oracompat/Database_Compatibility_for_Oracle_Developers_Guide.1.201.html#pID0E0D5J0HA

Check Contents

If security labeling is not required, this is not applicable (NA).

If security labeling requirements have been specified, execute the following SQL as enterprisedb:

SELECT * from ALL_POLICIES where OBJECT_NAME = '<table name>';

If a policy is not enabled for the table requiring security labeling, this is a finding.

Vulnerability Number

V-213616

Documentable

False

Rule Version

PPS9-00-007100

Severity Override Guidance

If security labeling is not required, this is not applicable (NA).

If security labeling requirements have been specified, execute the following SQL as enterprisedb:

SELECT * from ALL_POLICIES where OBJECT_NAME = '<table name>';

If a policy is not enabled for the table requiring security labeling, this is a finding.

Check Content Reference

M

Target Key

3988

Comments