PGS9-00-003700 - When invalid inputs are received, PostgreSQL must behave in a predictable and documented manner that reflects organizational and system objectives.

Information

A common vulnerability is unplanned behavior when invalid inputs are received. This requirement guards against adverse or unintended system behavior caused by invalid inputs, where information system responses to the invalid input may be disruptive or cause the system to fail into an unsafe state.

The behavior will be derived from the organizational and system requirements and includes, but is not limited to, notification of the appropriate personnel, creating an audit record, and rejecting invalid input.

Solution

Enable logging.

To ensure that logging is enabled, review supplementary content APPENDIX-C for instructions on enabling logging.

All errors and denials are logged if logging is enabled.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_PGS_SQL_9-x_V2R5_STIG.zip

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-10(3), CAT|II, CCI|CCI-002754, Rule-ID|SV-214079r961656_rule, STIG-ID|PGS9-00-003700, STIG-Legacy|SV-87559, STIG-Legacy|V-72907, Vuln-ID|V-214079

Plugin: PostgreSQLDB

Control ID: 1d255775228f9881e9eb796c68cf73d5c30e1490b5921e22a59c3cc925dbd2dc