| AIX7-00-003005 - AIX must disable /usr/bin/rcp, /usr/bin/rlogin, /usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003041 - The AIX rlogind service must be disabled. | DISA STIG AIX 7.x v3r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-13-000606 - The macOS system must not use unencrypted FTP. | DISA STIG Apple Mac OSX 10.13 v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-002038 - The macOS system must be configured to disable the tftp service. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AS24-W1-000370 - The Apache web server must encrypt passwords during transmission. | DISA STIG Apache Server 2.4 Windows Server v3r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows | Windows | IDENTIFICATION AND AUTHENTICATION |
| EP11-00-004400 - If passwords are used for authentication, the EDB Postgres Advanced Server must transmit only encrypted representations of passwords. | EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| GEN005500 - The SSH daemon must be configured to only use the SSHv2 protocol. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| GEN005501 - The SSH client must be configured to only use the SSHv2 protocol. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| IIST-SI-000220 - A private IIS 10.0 website authentication mechanism must use client certificates to transmit session identifier to assure integrity. | DISA IIS 10.0 Site v2r11 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000220 - A private websites authentication mechanism must use client certificates to transmit session identifier to assure integrity. | DISA IIS 8.5 Site v2r9 | Windows | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| JBOS-AS-000310 - JBoss must utilize encryption when using LDAP for authentication. | DISA JBoss EAP 6.3 STIG v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JUSX-DM-000136 - For local accounts using password authentication (i.e., the root account and the account of last resort) the Juniper SRX Services Gateway must use the SHA1 or later protocol for password authentication. | DISA Juniper SRX Services Gateway NDM v3r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MD3X-00-000340 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-000600 - If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| MD7X-00-003900 If passwords are used for authentication, MongoDB must transmit only encrypted representations of passwords. | DISA MongoDB Enterprise Advanced 7.x STIG v1r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000241 - OHS must use FIPS modules to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLProtocol | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLWallet | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000243 - OHS must have the SSLCipherSuite directive enabled to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL6-00-000227 - The SSH daemon must be configured to use only the SSHv2 protocol. | DISA STIG Oracle Linux 6 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OL07-00-040390 - The Oracle Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol. | DISA Oracle Linux 7 STIG v3r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000061 - The Palo Alto Networks security platform must prohibit the use of unencrypted protocols for network access to privileged accounts. | DISA STIG Palo Alto NDM v3r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-000800 - If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords. | DISA STIG PostgreSQL 9.x on RHEL OS v2r5 | Unix | IDENTIFICATION AND AUTHENTICATION |
| RHEL-07-040390 - The Red Hat Enterprise Linux operating system must be configured so that the SSH daemon is configured to only use the SSHv2 protocol. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SLES-12-030000 - The SUSE operating system must not have the telnet-server package installed. | DISA SLES 12 STIG v3r2 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000080 - Splunk Enterprise must use LDAPS for the LDAP connection. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000390 - Splunk Enterprise must be installed in FIPS mode to implement NIST FIPS-approved cryptography for all cryptographic functions. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| SQL6-D0-008200 - If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | DISA STIG SQL Server 2016 Instance DB Audit v3r4 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008300 - Confidentiality of information during transmission is controlled through the use of an approved TLS version. | DISA STIG SQL Server 2016 Instance OS Audit v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| TCAT-AS-000040 - TLS 1.2 must be used on secured HTTP connectors. | DISA STIG Apache Tomcat Application Server 9 v3r2 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-16-030000 - The telnetd package must not be installed. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| UBTU-18-010105 - The Ubuntu operating system must not have the telnet package installed. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCLD-70-000003 - VAMI must use cryptography to protect the integrity of remote sessions. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS). | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Windows v2r2 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000180 - The WebSphere Application Server Single Sign On (SSO) must have SSL enabled for Web and SIP Security. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WN10-SO-000110 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Microsoft Windows 10 STIG v3r4 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN16-SO-000210 - Unencrypted passwords must not be sent to third-party Server Message Block (SMB) servers. | DISA Microsoft Windows Server 2016 STIG v2r10 | Windows | IDENTIFICATION AND AUTHENTICATION |
