STIGQter STIGQter: STIG Summary: VMW vRealize Operations Manager 6.x PostgreSQL Security Technical Implementation Guide Version: 1 Release: 1 Benchmark Date: 28 Sep 2018:

If passwords are used for authentication, the vROps PostgreSQL DB must store only hashed, salted representations of passwords.

DISA Rule

SV-98915r1_rule

Vulnerability Number

V-88265

Group Title

SRG-APP-000171-DB-000074

Rule Version

VROM-PG-000190

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Navigate to and open /storage/db/vcops/vpostgres/data/pg_hba.conf. Navigate to the user that has a method of "trust". Change the method to md5.

A correct, typical line will look like the below:
# TYPE DATABASE USER ADDRESS METHOD
host all all 127.0.0.1/32 md5

Check Contents

At the command prompt, execute the following command to enter the psql prompt:

# cat /storage/db/vcops/vpostgres/data/pg_hba.conf

If any rows have "trust" specified for the "METHOD" column, this is a finding.

Vulnerability Number

V-88265

Documentable

False

Rule Version

VROM-PG-000190

Severity Override Guidance

At the command prompt, execute the following command to enter the psql prompt:

# cat /storage/db/vcops/vpostgres/data/pg_hba.conf

If any rows have "trust" specified for the "METHOD" column, this is a finding.

Check Content Reference

M

Target Key

3445

Comments