STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated just now
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide

V-259329

CAT I (High)

EDB Postgres Advanced Server products must be a version supported by the vendor.

Rule ID

SV-259329r997401_rule

STIG

EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide

Version

V2R1

CCIs

CCI-003376

Discussion

Unsupported commercial and database systems should not be used because fixes to newly identified bugs will not be implemented by the vendor. The lack of support can result in potential vulnerabilities. Systems at unsupported servicing levels or releases will not receive security updates for new vulnerabilities, which leaves them subject to exploitation. When maintenance updates and patches are no longer available, the database software is no longer considered supported and should be upgraded or decommissioned.

Check Content

Review the system documentation and interview the database administrator.
 
Identify all database software components.
 
Review the current version and release information as follows:

> /usr/edb/as<version>/bin/edb-postgres --version
 
Access the EDB website to validate that the version is currently supported: https://www.enterprisedb.com/resources/platform-compatibility

If the DBMS or any of the software components are not supported by the vendor, this is a finding.

Fix Text

Remove or decommission all unsupported software products.

Upgrade unsupported DBMS or unsupported components to a supported version of the product.