STIGQter: STIG Summary: VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

The vROps PostgreSQL DB must be configured in accordance with the security configuration settings based on DoD security configuration and implementation guidance, including STIGs, NSA configuration guides, CTOs, DTMs, and IAVMs.

DISA Rule

SV-99001r1_rule

Vulnerability Number

V-88351

Group Title

SRG-APP-000516-DB-000363

Rule Version

VROM-PG-000625

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Install the latest approved security-relevant software updates and document in the supporting documentation.

Check Contents

Obtain supporting documentation from the ISSO.

Verify that this Security Technical Implementation Guide (STIG) is the most current STIG available for PostgreSQL on vROps. Assess all of the organization's vROps installations to ensure that they are fully compliant with the most current PostgreSQL STIG.

If the PostgreSQL configuration is not compliant with the most current PostgreSQL STIG, this is a finding.

Vulnerability Number

V-88351

Documentable

False

Rule Version

VROM-PG-000625

Severity Override Guidance

Obtain supporting documentation from the ISSO.

Verify that this Security Technical Implementation Guide (STIG) is the most current STIG available for PostgreSQL on vROps. Assess all of the organization's vROps installations to ensure that they are fully compliant with the most current PostgreSQL STIG.

If the PostgreSQL configuration is not compliant with the most current PostgreSQL STIG, this is a finding.

Check Content Reference

M

Target Key

3445

Comments