| APPL-14-004001 The macOS system must configure Apple System Log files to be owned by root and group to wheel. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-14-004002 The macOS system must configure Apple System Log files to mode 640 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-004001 - The macOS system must configure Apple System Log (ASL) files owned by root and group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - LogLevel | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - TraceEnable | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000620 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000630 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-W1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006200 - DB2 must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| DTBI1135-IE11 - Internet Explorer Development Tools Must Be Disabled. | DISA STIG IE 11 v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000233 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 10.0 website, patches, loaded modules, and directory paths. | DISA IIS 10.0 Site v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000234 - Debugging and trace information used to diagnose the IIS 10.0 website must be disabled. | DISA IIS 10.0 Site v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000140 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 10.0 web server, patches, loaded modules, and directory paths. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000140 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 10.0 web server, patches, loaded modules, and directory paths. | DISA IIS 10.0 Server v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SI-000234 - Debugging and trace information used to diagnose the IIS 8.5 website must be disabled. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-AG-000132 - The Juniper SRX Services Gateway Firewall must configure ICMP to meet DoD requirements. | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| O112-C2-019900 - The DBMS must only generate error messages that provide information necessary for corrective actions without revealing organization-defined sensitive or potentially harmful information in error logs and administrative messages that could be exploited. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O121-C2-019900 - The DBMS must only generate error messages that provide information necessary for corrective actions without revealing organization-defined sensitive or potentially harmful information in error logs and administrative messages that could be exploited. | DISA STIG Oracle 12c v3r2 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000346 - OHS must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000347 - OHS must have the ServerSignature directive disabled. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000349 - OHS must have the Alias /error directive defined to reference the directory accompanying the ErrorDocument directives to minimize the identity of OHS, patches, loaded modules, and directory paths in warning and error messages displayed to clients. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000350 - OHS must have the permissions set properly via the Directory directive accompanying the ErrorDocument directives to minimize improper access to the warning and error messages displayed to clients - LimitExcept | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 400 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 401 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 403 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 404 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 405 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 410 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 411 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 414 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 415 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 501 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 506 | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000352 - OHS must have production information removed from error documents to minimize the identity of OHS, patches, loaded modules, and directory paths in warning and error messages displayed to clients. | DISA STIG Oracle HTTP Server 12.1.3 v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000030 - The Palo Alto Networks security platform must block outbound ICMP Destination Unreachable, Redirect, and Address Mask reply messages. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000031 - The Palo Alto Networks security platform must block malicious ICMP packets. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-18-010121 - The Ubuntu operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPG-70-000016 - VMware Postgres must provide nonprivileged users with minimal error information. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000252 - Oracle WebLogic must identify potentially security-relevant error conditions. | Oracle WebLogic Server 12c Linux v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000252 - Oracle WebLogic must identify potentially security-relevant error conditions. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000253 - Oracle WebLogic must only generate error messages that provide information necessary for corrective actions without revealing sensitive or potentially harmful information in error logs and administrative messages. | Oracle WebLogic Server 12c Linux v2r2 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000253 - Oracle WebLogic must only generate error messages that provide information necessary for corrective actions without revealing sensitive or potentially harmful information in error logs and administrative messages. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
