| AIX7-00-001045 - IF LDAP is used, AIX LDAP client must use SSL to authenticate with LDAP server. | DISA STIG AIX 7.x v2r6 | Unix | |
| AIX7-00-002059 - AIX telnet daemon must not be running. | DISA STIG AIX 7.x v2r6 | Unix | |
| AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rcp | DISA STIG AIX 7.x v2r6 | Unix | |
| AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands - rexec | DISA STIG AIX 7.x v2r6 | Unix | |
| AIX7-00-003041 - The AIX rlogind service must be disabled. | DISA STIG AIX 7.x v2r5 | Unix | |
| AOSX-09-000605 - The operating system must transmit only cryptographically-protected passwords. | DISA STIG Apple Mac OSX 10.9 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| APPL-11-002038 - Apple macOS must be configured to disable the tftp service. | DISA STIG Apple macOS 11 v1r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-11-002038 - Apple macOS must be configured to disable the tftp service. | DISA STIG Apple macOS 11 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-12-002038 - The macOS system must be configured to disable the tftp service. | DISA STIG Apple macOS 12 v1r8 | Unix | IDENTIFICATION AND AUTHENTICATION |
| APPL-13-002038 - The macOS system must be configured to disable the 'tftp' service - tftp service. | DISA STIG Apple macOS 13 v1r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| EPAS-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| FGFW-ND-000245 - The FortiGate device must use LDAPS for the LDAP connection. | DISA Fortigate Firewall NDM STIG v1r4 | FortiGate | IDENTIFICATION AND AUTHENTICATION |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'root has logged in over a network' | DISA STIG AIX 6.1 v1r13 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN001100 - Root passwords must never be passed over a network in clear text form - 'root has logged in over a network' | DISA STIG HP-UX 11.31 v1r19 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 X86 v2r2 | Unix | |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 SPARC v2r2 | Unix | |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 X86 v2r1 | Unix | |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG Solaris 10 SPARC v2r1 | Unix | |
| MADB-10-003900 - If passwords are used for authentication, MariaDB must transmit only encrypted representations of passwords. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - allowInvalidCertificates | DISA STIG MongoDB Enterprise Advanced 3.x v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - CAFile | DISA STIG MongoDB Enterprise Advanced 3.x v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords - PEMKeyFile | DISA STIG MongoDB Enterprise Advanced 3.x v1r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - allowInvalidCertificates | DISA STIG MongoDB Enterprise Advanced 3.x v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - CAFile | DISA STIG MongoDB Enterprise Advanced 3.x v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. - PEMKeyFile | DISA STIG MongoDB Enterprise Advanced 3.x v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Monterey - Disable Trivial File Tansfer Protocol Service | NIST macOS Monterey v1.0.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Trivial File Tansfer Protocol Service | NIST macOS Monterey v1.0.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Monterey - Disable Trivial File Tansfer Protocol Service | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| MYS8-00-005200 - If passwords are used for authentication, the MySQL Database Server 8.0 must transmit only encrypted representations of passwords. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| OH12-1X-000243 - OHS must have the SSLCipherSuite directive enabled to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-215015 - RHEL 9 must not have a File Transfer Protocol (FTP) server package installed. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v1r3 STIG REST API | Splunk | |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v1r4 STIG REST API | Splunk | |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords - HTTP-Console Disabled | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| SYMP-NM-000260 - Symantec ProxySG must transmit only encrypted representations of passwords. | DISA Symantec ProxySG Benchmark NDM v1r2 | BlueCoat | IDENTIFICATION AND AUTHENTICATION |
| UBTU-20-010405 - The Ubuntu operating system must not have the telnet package installed. | DISA STIG Ubuntu 20.04 LTS v1r12 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-67-000013 - VMware Postgres must be configured to use TLS. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001180 - WebSphere Application Server application security must be enabled for each security domain except for publicly available | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-001200 - The WebSphere Application Server secure LDAP (LDAPS) must be used for authentication. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WN08-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows 8/8.1 STIG v1r23 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN11-SO-000110 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows 11 STIG v1r6 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2012 and 2012 R2 DC STIG v3r6 | Windows | |
| WN19-SO-000180 - Windows Server 2019 unencrypted passwords must not be sent to third-party Server Message Block (SMB) servers. | DISA Windows Server 2019 STIG v2r7 | Windows | |
| WN22-SO-000180 - Windows Server 2022 unencrypted passwords must not be sent to third-party Server Message Block (SMB) servers. | DISA Windows Server 2022 STIG v1r5 | Windows | IDENTIFICATION AND AUTHENTICATION |
