STIGQter: STIG Summary: PostgreSQL 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

Unused database components which are integrated in PostgreSQL and cannot be uninstalled must be disabled.

DISA Rule

SV-214128r508027_rule

Vulnerability Number

V-214128

Group Title

SRG-APP-000141-DB-000092

Rule Version

PGS9-00-009200

Severity

CAT II

CCI(s)

CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

Fix Recommendation

To remove any unneeded executables, as the system administrator, run the following:

# RHEL/CENT Systems
$ sudo yum erase <package_name>

# Debian Systems
$ sudo apt-get remove <package_name>

Check Contents

To list all installed packages, as the system administrator, run the following:

# RHEL/CENT Systems
$ sudo yum list installed | grep postgres

# Debian Systems
$ dpkg --get-selections | grep postgres

If any packages are installed that are not required, this is a finding.

Vulnerability Number

V-214128

Documentable

False

Rule Version

PGS9-00-009200

Severity Override Guidance

Check Content Reference

Target Key

3994

Unused database components which are integrated in PostgreSQL and cannot be uninstalled must be disabled.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments