STIGQter: STIG Summary: VMware vSphere 6.7 PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 09 Mar 2021:

All VCDB tables must be owned by the "vc" user account.

DISA Rule

SV-239201r717053_rule

Vulnerability Number

V-239201

Group Title

SRG-APP-000133-DB-000200

Rule Version

VCPG-67-000008

Severity

CAT II

CCI(s)

CCI-001499 - The organization limits privileges to change software resident within software libraries.

Weight

Fix Recommendation

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -U postgres -c "ALTER TABLE <tablename> OWNER TO vc;"

Replace <tablename> with the name of the table discovered during the check.

Check Contents

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -d VCDB -x -U postgres -c "\dt;"|grep Owner|grep -v vc

If any tables are returned, this is a finding.

Vulnerability Number

V-239201

Documentable

False

Rule Version

VCPG-67-000008

Severity Override Guidance

At the command prompt, execute the following command:

# /opt/vmware/vpostgres/current/bin/psql -d VCDB -x -U postgres -c "\dt;"|grep Owner|grep -v vc

If any tables are returned, this is a finding.

Check Content Reference

Target Key

5324

All VCDB tables must be owned by the "vc" user account.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments