STIGQter: STIG Summary: Crunchy Data PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

Unused database components, PostgreSQL software, and database objects must be removed.

DISA Rule

SV-233592r617333_rule

Vulnerability Number

V-233592

Group Title

SRG-APP-000141-DB-000091

Rule Version

CD12-00-008900

Severity

CAT II

CCI(s)

CCI-000381 - The organization configures the information system to provide only essential capabilities.

Weight

Fix Recommendation

To remove extensions, use the following commands:

$ sudo su - postgres
$ psql -c "DROP EXTENSION <extension_name>"

Note: It is recommended that plpgsql not be removed.

Check Contents

To get a list of all extensions installed, use the following commands:

$ sudo su - postgres
$ psql -c "select * from pg_extension where extname != 'plpgsql'"

If any extensions exist that are not approved, this is a finding.

Vulnerability Number

V-233592

Documentable

False

Rule Version

CD12-00-008900

Severity Override Guidance

Check Content Reference

Target Key

5254

Unused database components, PostgreSQL software, and database objects must be removed.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments