Skip to content

Access Control: Default PostgreSQL Credentials

Identifier: psql_default_credentials

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

PostgreSQL servers configured with default credentials are vulnerable to unauthorized access, potentially leading to data breaches and system compromise.

How we test: We attempt to authenticate to PostgreSQL servers using common default username and password combinations. If authentication succeeds, we report the vulnerability and verify if default credentials are still in use.

Configuration

Example

Example configuration:

---
security_tests:
  psql_default_credentials:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.