| BIND-9X-001060 - A BIND 9.x caching name server must implement DNSSEC validation to check all DNS queries for invalid input - dnssec-enable | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EDB PostgreSQL Advanced Server v11 DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-009700 - When invalid inputs are received, the EDB Postgres Advanced Server must behave in a predictable and documented manner that reflects organizational and system objectives. | EDB PostgreSQL Advanced Server v11 DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives. | DISA F5 BIG-IP Advanced Firewall Manager STIG v2r1 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000229 - The BIG-IP ASM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives. | DISA F5 BIG-IP Application Security Manager STIG v2r1 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization. | DISA F5 BIG-IP Application Security Manager STIG v2r1 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| F5BI-LT-000229 - The BIG-IP Core implementation must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005900 - MariaDB and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-009100 - When invalid inputs are received, MariaDB must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-001000 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-004100 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-006200 - When invalid inputs are received, MongoDB must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 DB | MongoDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-007300 - The MySQL Database Server 8.0 must check the validity of all data inputs except those specifically identified by the organization. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-007400 - The MySQL Database Server 8.0 and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-007500 - The MySQL Database Server 8.0 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-012500 - When invalid inputs are received, the MySQL Database Server 8.0 must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| O112-C2-019500 - The DBMS must check the validity of data inputs. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| O112-C2-019500 - The DBMS must check the validity of data inputs. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031500 - The DBMS and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031600 - The DBMS and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-035200 - When invalid inputs are received, SQL Server must behave in a predictable and documented manner that reflects organizational and system objectives. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL6-D0-002100 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2016 Database Audit v2r8 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000020 - ESX Agent Manager must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCFL-67-000021 - vSphere Client must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-67-000028 - VAMI must set the encoding for all text mime types to UTF-8. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-70-000019 - VAMI must set the encoding for all text Multipurpose Internet Mail Extensions (MIME) types to UTF-8 - cgi | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCLD-70-000019 - VAMI must set the encoding for all text Multipurpose Internet Mail Extensions (MIME) types to UTF-8 - rb | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000019 - Performance Charts must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-67-000020 - Performance Charts must use the 'setCharacterEncodingFilter' filter - filter | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-70-000020 - Performance Charts must set 'URIEncoding' to UTF-8 | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-70-000021 - Performance Charts must use the 'setCharacterEncodingFilter' filter. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPG-67-000024 - VMware Postgres must set client-side character encoding to UTF-8. | DISA STIG VMware vSphere 6.7 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-67-000020 - The Security Token Service must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-67-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter - filter | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-67-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter - filter-mapping | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-70-000020 - The Security Token Service must set 'URIEncoding' to UTF-8. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-70-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter. - filter | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000019 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-70-000021 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WDNS-SI-000001 - The Windows 2012 DNS Server must be configured to only allow zone information that reflects the environment for which it is authoritative, to include IP ranges and IP versions. | DISA Microsoft Windows 2012 Server DNS STIG v2r5 | Windows | SYSTEM AND INFORMATION INTEGRITY |
