| 1.71 UBTU-22-271030 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I | Unix | CONFIGURATION MANAGEMENT |
| 1.89 UBTU-22-432015 | CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| ALMA-09-037200 - AlmaLinux OS 9 PAM must be configured to use a sufficient number of password hashing rounds. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| ALMA-09-037860 - AlmaLinux OS 9 must not have any telnet packages installed. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 11 v1r8 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002031 - The macOS system must be configured to disable the system preference pane for Apple ID. | DISA STIG Apple macOS 13 v1r5 | Unix | CONFIGURATION MANAGEMENT |
| APPL-13-002038 - The macOS system must be configured to disable the "tftp" service. | DISA STIG Apple macOS 13 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-009500 - If passwords are used for authentication, PostgreSQL must store only hashed, salted representations of passwords. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | IDENTIFICATION AND AUTHENTICATION |
| CD12-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL. | DISA STIG Crunchy Data PostgreSQL OS v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004600 - The EDB Postgres Advanced Server must enforce authorized access to all PKI private keys stored/used by the EDB Postgres Advanced Server. | EnterpriseDB PostgreSQL Advanced Server OS Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| F5BI-AP-300052 - The F5 BIG-IP appliance must configure certification path validation to ensure revoked machine credentials are prohibited from establishing an allowed session. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | IDENTIFICATION AND AUTHENTICATION |
| F5BI-AP-300154 - The F5 BIG-IP appliance must configure certificate path validation to ensure revoked user credentials are prohibited from establishing an allowed session. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | IDENTIFICATION AND AUTHENTICATION |
| GEN000100 - The operating system must be a supported release. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN000560 - The system must not have accounts configured with blank or null passwords. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.rhosts' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - '.shosts' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'hosts.equiv' | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN002040 - There must be no .rhosts, .shosts, hosts.equiv, or shosts.equiv files on the system - 'shosts.equiv' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002220 - All shell files must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004220 - Administrative accounts must not run a web browser, except as needed for local service administration. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through a mail aliases file must be owned by root and reside within a directory owned and writable only by root. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN004400 - Files executed through an aliases file must be owned by root and reside within a directory owned and writable only by root. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN004600 - The SMTP service must be an up-to-date version - 'sendmail' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004600 - The SMTP service must be an up-to-date version. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/etc/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN004640 - The SMTP service must not have a uudecode alias active - '/usr/lib/aliases' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005000 - Anonymous FTP accounts must not have a functional shell. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN005080 - The TFTP daemon must operate in 'secure mode' which provides access only to a single directory on the host file system. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN005100 - The TFTP daemon must have mode 0755 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN005300 - SNMP communities, users, and passphrases must be changed from the default. | DISA STIG AIX 6.1 v1r14 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN008600 - The system must be configured to only boot from the system boot device. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN008660 - For using GRUB, the system must be configured with GRUB as the default unless another boot loader has been authorized. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| MD4X-00-002950 - If passwords are used for authentication, MongoDB must implement LDAP or Kerberos for authentication to enforce the DoD standards for password complexity and lifetime. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-003000 - If passwords are used for authentication, MongoDB must store only hashed, salted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD8X-00-003900 - MongoDB must enforce authorized access to all PKI private keys stored/used by the DBMS. | DISA MongoDB Enterprise Advanced 8.x STIG v1r1 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0. | DISA Oracle MySQL 8.0 v2r2 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-005200 - If passwords are used for authentication, the MySQL Database Server 8.0 must transmit only encrypted representations of passwords. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-014800 - Oracle Database must, for password-based authentication, store passwords using an approved salted key derivation function, preferably using a keyed hash. | DISA Oracle Database 19c STIG v1r3 OracleDB | OracleDB | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r3 Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| O19C-00-015200 - Oracle Database, when using public key infrastructure (PKI)-based authentication, must enforce authorized access to the corresponding private key. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-10-600750 - RHEL 10 must be configured so that user and group account administration utilities are configured to store only encrypted representations of passwords. | DISA Red Hat Enterprise Linux 10 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SQLI-22-008200 - If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010405 - The Ubuntu operating system must not have the telnet package installed. | DISA Canonical Ubuntu 20.04 LTS STIG v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-22-612040 - Ubuntu 22.04 LTS must map the authenticated identity to the user or group account for PKI-based authentication. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| UBTU-24-400370 - Ubuntu 24.04 LTS must map the authenticated identity to the user or group account for PKI-based authentication. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN25-DC-000290 - Windows Server 2025 domain Controller PKI certificates must be issued by the DOD PKI or an approved External Certificate Authority (ECA). | DISA Microsoft Windows Server 2025 STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
