| 2.3 Ensure the WebDAV Modules Are Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Ensure the WebDAV Modules Are Disabled | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 2.3 Ensure the WebDAV Modules Are Disabled | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 10 L2 v1.1.0 | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.2 Disable the Shutdown port | CIS Apache Tomcat 8 L2 v1.1.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 4.15 Restrict access to jaspic-providers.xml | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.15 Restrict access to jaspic-providers.xml | CIS Apache Tomcat 10.1 v1.1.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.15 Restrict access to jaspic-providers.xml | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf <VirtualHost> Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 | Unix | AUDIT AND ACCOUNTABILITY |
| 6.2 Ensure a Syslog Facility Is Configured for Error Logging - 'httpd.conf <VirtualHost> Syslog is configured' | CIS Apache HTTP Server 2.2 L2 v3.6.0 Middleware | Unix | AUDIT AND ACCOUNTABILITY |
| 7.4 Ensure directory in context.xml is a secure location - configuration | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.4 Ensure directory in context.xml is a secure location - permissions | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 7.4 Ensure directory in context.xml is a secure location - permissions | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 7.6 Ensure directory in logging.properties is a secure location - check application log directory is secure | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 7.6 Ensure directory in logging.properties is a secure location - check log directory location | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | ACCESS CONTROL |
| 7.6 Ensure directory in logging.properties is a secure location - check prefix application name | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | ACCESS CONTROL |
| 7.6 Ensure directory in logging.properties is a secure location - check prefix application name | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 8 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 | Unix | CONFIGURATION MANAGEMENT |
| 9.1 Starting Tomcat with Security Manager | CIS Apache Tomcat 10 L1 v1.1.0 Middleware | Unix | CONFIGURATION MANAGEMENT |
| 10.3 Restrict manager application | CIS Apache Tomcat 8 L2 v1.1.0 | Unix | ACCESS CONTROL |
| 10.14 Do not run applications as privileged | CIS Apache Tomcat 8 L1 v1.1.0 | Unix | ACCESS CONTROL |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| AS24-U1-000940 - The account used to run the Apache web server must not have a valid login shell and password defined. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | CONFIGURATION MANAGEMENT |
| AS24-U1-000940 - The account used to run the Apache web server must not have a valid login shell and password defined. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | CONFIGURATION MANAGEMENT |
| DISA_F5_BIG-IP_Device_Management_v2r4.audit from DISA F5 BIG-IP Device Management v2r4 STIG | DISA F5 BIG-IP Device Management STIG v2r4 | F5 | |
| DISA_STIG_Adobe_Acrobat_Pro_DC_Classic_Track_v2r1.audit from DISA Adobe Acrobat Professional DC Classic Track v2r1 STIG | DISA STIG Adobe Acrobat Pro DC Classic Track v2r1 | Windows | |
| DISA_STIG_Adobe_Acrobat_Pro_DC_Continuous_Track_v2r1.audit from DISA Adobe Acrobat Professional DC Continuous Track v2r1 STIG | DISA STIG Adobe Acrobat Pro DC Continuous Track v2r1 | Windows | |
| DISA_STIG_Adobe_Acrobat_Reader_DC_Classic_Track_v2r1.audit from DISA Adobe Acrobat Reader DC Classic Track v2r1 STIG | DISA STIG Adobe Acrobat Reader DC Classic Track v2r1 | Windows | |
| DISA_STIG_Adobe_Acrobat_Reader_DC_Continuous_Track_v2r1.audit from DISA Adobe Acrobat Reader DC Continuous Track v2r1 STIG | DISA STIG Adobe Acrobat Reader DC Continuous Track v2r1 | Windows | |
| DISA_STIG_MongoDB_Enterprise_Advanced_3.x_DB_v2r3.audit from DISA MongoDB Enterprise Advanced 3.x v2r3 STIG | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DB | MongoDB | |
| DISA_STIG_MongoDB_Enterprise_Advanced_4.x_DB_v1r4.audit from DISA MongoDB Enterprise Advanced 4.x v1r4 STIG | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | |
| DISA_STIG_VMware_vSphere_6.7_VAMI-lighttpd_v1r3.audit from DISA VMware vSphere 6.7 VAMI-lighttpd v1r3 STIG | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_EAM_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance EAM v1r2 STIG | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_RhttpProxy_v1r1.audit from DISA VMware vSphere 7.0 vCenter Appliance RhttpProxy v1r1 STIG | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_SVC.audit from DISA VMware vSphere 7.0 vCenter Appliance Lookup Service v1r2 STIG | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_vCA_PostgreSQL_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance PostgreSQL v1r2 STIG | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | |
| DISA_STIG_VMware_vSphere_7.0_vCA_STS_v1r2.audit from DISA VMware vSphere 7.0 vCenter Appliance STS v1r2 STIG | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | |
| DISA_VMware_vSphere_8.0_vCenter_Appliance_Perfcharts_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | |
| EX16-ED-000570 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2016 Edge Transport Server STIG v2r6 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EX19-ED-000238 - Exchange must render hyperlinks from email sources from non-.mil domains as unclickable. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-NM-000490 - The Juniper EX switch must use an an NTP service that is hosted by a trusted source or a DOD-compliant enterprise or local NTP server. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| VCEM-70-000010 - ESX Agent Manager must not be configured with unsupported realms. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000016 - vSphere Client must be configured with memory leak protection. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | CONFIGURATION MANAGEMENT |
| VCFL-67-000024 - vSphere Client must be configured to show error pages with minimal information. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000010 - Performance Charts must not be configured with unsupported realms. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | CONFIGURATION MANAGEMENT |
| WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 Middleware | Unix | CONFIGURATION MANAGEMENT |
| WA00505 A22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | CONFIGURATION MANAGEMENT |
| WA00505 W22 - Web Distributed Authoring and Versioning (WebDAV) must be disabled. | DISA STIG Apache Server 2.2 Windows v1r13 | Windows | CONFIGURATION MANAGEMENT |
