| AIOS-17-706950 - Apple iOS/iPadOS 17 must be configured to enforce a passcode reuse prohibition of at least two generations. | AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| AIOS-18-006950 - Apple iOS/iPadOS 18 must be configured to enforce a passcode reuse prohibition of at least two generations. | AirWatch - DISA Apple iOS/iPadOS 18 v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037200 - AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037310 - AlmaLinux OS 9 must be configured so that libuser is configured to store only encrypted representations of passwords. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037420 - AlmaLinux OS 9 must be configured so that the system's shadow file is configured to store only encrypted representations of passwords. | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-002038 - Apple macOS must be configured to disable the tftp service. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 12 v1r9 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002038 - The macOS system must be configured to disable the "tftp" service. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CASA-VN-000130 - The Cisco ASA must be configured to not accept certificates that have been revoked when using PKI for authentication. | DISA STIG Cisco ASA VPN v2r2 | Cisco | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001640 - Run control scripts must not execute world-writable programs or scripts. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through a mail aliases file must be owned by root and reside within a directory owned and writable only by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through an aliases file must be owned by root and reside within a directory owned and writable only by root. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases decode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases uudecode alias does not exist' | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005100 - The TFTP daemon must have mode 0755 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005100 - The TFTP daemon must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005140 - Any active TFTP daemon must be authorized and approved in the system accreditation package. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN008660 - For using GRUB, the system must be configured with GRUB as the default unless another boot loader has been authorized. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN008680 - If the system boots from removable media, it must be stored in a safe or similarly secured container. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN008680 - If the system boots from removable media, it must be stored in a safe or similarly secured container. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MADB-10-003900 - If passwords are used for authentication, MariaDB must transmit only encrypted representations of passwords. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MADB-10-004100 - MariaDB must enforce authorized access to all PKI private keys stored/used by the DBMS. | DISA MariaDB Enterprise 10.x v2r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-002950 - If passwords are used for authentication, MongoDB must implement LDAP or Kerberos for authentication to enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r1 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000040 The Photon operating system must not have the telnet package installed. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords - HTTP-Console Disabled | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010405 - The Ubuntu operating system must not have the telnet package installed. | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-215035 - Ubuntu 22.04 LTS must not have the "telnet" package installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-612040 - Ubuntu 22.04 LTS must map the authenticated identity to the user or group account for PKI-based authentication. | DISA Canonical Ubuntu 22.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000013 - VMware Postgres must be configured to use TLS. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
