Skip to content

Access Control: Exposed PostgreSQL Server

Identifier: psql_exposed

Scanner(s) Support

GraphQL Scanner REST Scanner WebApp Scanner ASM Scanner

Description

PostgreSQL server exposure to the public internet allows unauthorized access attempts, potentially leading to data breaches if the server is not properly secured.

How we test: We attempt to connect to PostgreSQL servers on standard ports and analyze connection responses to detect if PostgreSQL servers are exposed to the public internet. We check if servers accept connections from untrusted networks and verify if access controls are properly configured.

Configuration

Example

Example configuration:

---
security_tests:
  psql_exposed:
    skip: false

Reference

skip

Type : boolean

Skip the test if true.