Skip to content

Access Control: Default PostgreSQL Credentials

Identifier: psql_default_credentials

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner

Description

Check if the PostgreSQL server accepts default credentials.

PostgreSQL servers configured with default credentials are vulnerable to unauthorized access, which can lead to data breaches and system compromise.

Configuration

Example

Example configuration:

---
security_tests:
  psql_default_credentials:
    assets_allowed:
    - REST
    - GRAPHQL
    - WEBAPP
    skip: false

Reference

assets_allowed

Type : List[AssetType]*

List of assets that this check will cover.

skip

Type : boolean

Skip the test if true.