STIGQter: STIG Summary: PostgreSQL 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Unused database components, PostgreSQL software, and database objects must be removed.

DISA Rule

SV-214126r508027_rule

Vulnerability Number

V-214126

Group Title

SRG-APP-000141-DB-000091

Rule Version

PGS9-00-008900

Severity

CAT II

CCI(s)

CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

Fix Recommendation

To remove extensions, use the following commands:

$ sudo su - postgres
$ psql -c "DROP EXTENSION <extension_name>"

Note: It is recommended that plpgsql not be removed.

Check Contents

To get a list of all extensions installed, use the following commands:

$ sudo su - postgres
$ psql -c "select * from pg_extension where extname != 'plpgsql'"

If any extensions exist that are not approved, this is a finding.

Vulnerability Number

V-214126

Documentable

False

Rule Version

PGS9-00-008900

Severity Override Guidance

Check Content Reference

Target Key

3994

Unused database components, PostgreSQL software, and database objects must be removed.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments