STIGQter: STIG Summary: PostgreSQL 9.x Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Oct 2020:

PostgreSQL must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.

DISA Rule

SV-214153r508027_rule

Vulnerability Number

V-214153

Group Title

SRG-APP-000179-DB-000114

Rule Version

PGS9-00-012300

Severity

CAT I

CCI(s)

CCI-000803 - The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication.

Weight

Fix Recommendation

Configure OpenSSL to meet FIPS Compliance using the following documentation in section 9.1:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1758.pdf

For more information on configuring PostgreSQL to use SSL, see supplementary content APPENDIX-G.

Check Contents

As the system administrator, run the following:

$ openssl version

If "fips" is not included in the openssl version, this is a finding.

Vulnerability Number

V-214153

Documentable

False

Rule Version

PGS9-00-012300

Severity Override Guidance

As the system administrator, run the following:

$ openssl version

If "fips" is not included in the openssl version, this is a finding.

Check Content Reference

Target Key

3994

PostgreSQL must use NIST FIPS 140-2 validated cryptographic modules for cryptographic operations.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments