| DG0102-ORACLE11 - DBMS processes or services should run under custom, dedicated OS accounts - 'pmon services are using correct service account' | DISA STIG Oracle 11 Instance v9r1 OS Unix | Unix | ACCESS CONTROL |
| ESXI-67-000005 - The ESXi host must enforce the limit of three consecutive invalid logon attempts by a user. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL |
| ESXI-67-000006 - The ESXi host must enforce the unlock timeout of 15 minutes after a user account is locked out. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL |
| ESXI-67-000013 - The ESXi host SSH daemon must not allow host-based authentication. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000020 - The ESXi host SSH daemon must perform strict mode checking of home directory configuration files. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000025 - The ESXi host SSH daemon must not permit tunnels. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000053 - SNMP must be configured properly on the ESXi host. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000057 - The ESXi host must configure the firewall to block network traffic by default - outgoing | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000065 - For the ESXi host, all port groups must not be configured to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| GEN000000-AIX0210 - The system must provide protection from Internet Control Message Protocol (ICMP) attacks on TCP connections. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0300 - The system must not have the bootp service active. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000000-AIX0310 - The /etc/ftpaccess.ctl file must exist. | DISA STIG AIX 5.3 v1r2 | Unix | ACCESS CONTROL |
| GEN000240 - The system clock must be synchronized to an authoritative DoD time source - 'NTP daemon is started at boot' | DISA STIG AIX 5.3 v1r2 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN000580 - The system must require passwords to contain a minimum of 14 characters. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000585 - The system must enforce the entire password during authentication - 'Verify no password hashes in the /etc/security/passwd' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000595 - Password hashes must have been generated using a FIPS 140-2 hashing algorithm - 'Verify no password hashes in /etc/passwd' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN000640 - The system must require that passwords contain at least one special character. | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN005160 - Any X Windows host must write .Xauthority files. | DISA STIG AIX 5.3 v1r2 | Unix | CONFIGURATION MANAGEMENT |
| GEN008020 - The LDAP TLS connection must require a certificate and this certificate has a valid path to a trusted CA - 'ldapsslkeyf exists' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| GEN008050 - The /etc/ldap.conf file (or equivalent) must not contain passwords - 'bindpwd: is not unencrypted' | DISA STIG AIX 5.3 v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PHTN-40-000232 The Photon operating system must send TCP timestamps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| PHTN-67-000014 - The Photon operating system audit log must attempt to log audit failures to syslog - admin_space_left_action | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000019 - The Photon operating system must allow only the ISSM (or individuals or roles appointed by the ISSM) to select which auditable events are to be audited. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000020 - The Photon operating system must generate audit records when successful/unsuccessful attempts to access privileges occur - 64 | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000039 - The Photon operating system must configure sshd to disconnect idle SSH sessions. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| PHTN-67-000041 - The Photon operating system /var/log directory must be owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000042 - The Photon operating system messages file must be owned by root. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000043 - The Photon operating system messages file must have mode 0640 or less permissive. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - auditd | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| PHTN-67-000050 - The Photon operating system audit files and directories must have correct permissions - aureport | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | AUDIT AND ACCOUNTABILITY |
| VCEM-67-000003 - ESX Agent Manager must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL |
| VCEM-67-000012 - ESX Agent Manager must have Multipurpose Internet Mail Extensions (MIMEs) that invoke operating system shell programs disabled. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | CONFIGURATION MANAGEMENT |
| VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000023 - ESX Agent Manager must not show directory listings. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000003 - Performance Charts must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCPF-67-000019 - Performance Charts must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000020 - Performance Charts must use the 'setCharacterEncodingFilter' filter - filter-mapping | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000025 - Performance Charts must have the debug option turned off. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000026 - Performance Charts must properly configure log sizes and rotation - MaxBackupIndex | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCST-80-000036 The vCenter STS service must disable stack tracing. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000062 The vCenter STS service must be configured to fail to a known safe state if system initialization fails. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-80-000125 The vCenter STS service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL |
| VCST-80-000126 The vCenter STS service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL |
| VCST-80-000141 The vCenter STS service example applications must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000142 The vCenter STS service default ROOT web application must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000151 The vCenter STS service must disable 'ALLOW_BACKSLASH'. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000154 The vCenter STS service manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCST-80-000155 The vCenter STS service host-manager webapp must be removed. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCUI-80-000037 The vCenter UI service must be configured to use a specified IP address and port. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
