| AIX7-00-001045 - IF LDAP is used, AIX LDAP client must use SSL to authenticate with LDAP server. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-002060 - AIX ftpd daemon must not be running. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AIX7-00-003041 - The AIX rlogind service must be disabled. | DISA STIG AIX 7.x v2r9 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-14-002038 - The macOS system must be configured to disable the tftpd service. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AOSX-15-002038 - The macOS system must be configured to disable the tftp service. | DISA STIG Apple Mac OSX 10.15 v1r10 | Unix | IDENTIFICATION AND AUTHENTICATION |
| AS24-W1-000370 - The Apache web server must encrypt passwords during transmission. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - 800-53r4 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Big Sur - Disable Trivial File Tansfer Protocol Service | NIST macOS Big Sur v1.4.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - CNSSI 1253 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-53r4 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-53r5 Low | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| Catalina - Disable Trivial File Tansfer Protocol Service | NIST macOS Catalina v1.5.0 - 800-171 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| DB2X-00-004100 - If passwords are used for authentication, DB2 must transmit only encrypted representations of passwords | DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000305 - LDAP enabled security realm value allow-empty-passwords must be set to false. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| JBOS-AS-000310 - JBoss must utilize encryption when using LDAP for authentication. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000240 - OHS must have the LoadModule ossl_module directive enabled to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000241 - OHS must use FIPS modules to encrypt passwords during transmission. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| OH12-1X-000242 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to encrypt passwords during transmission - SSLEngine | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| PANW-NM-000061 - The Palo Alto Networks security platform must prohibit the use of unencrypted protocols for network access to privileged accounts. | DISA STIG Palo Alto NDM v2r2 | Palo_Alto | IDENTIFICATION AND AUTHENTICATION |
| PGS9-00-000800 - If passwords are used for authentication, PostgreSQL must transmit only encrypted representations of passwords. | DISA STIG PostgreSQL 9.x on RHEL OS v2r4 | Unix | IDENTIFICATION AND AUTHENTICATION |
| SLES-12-030011 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 12 STIG v2r13 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SLES-15-010030 - The SUSE operating system must not have the vsftpd package installed if not required for operational support. | DISA SLES 15 STIG v1r12 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SLES-15-010180 - The SUSE operating system must not have the telnet-server package installed. | DISA SLES 15 STIG v1r12 | Unix | CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000080 - Splunk Enterprise must use LDAPS for the LDAP connection. | DISA STIG Splunk Enterprise 7.x for Windows v2r4 REST API | Splunk | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008200 - If passwords are used for authentication, SQL Server must transmit only encrypted representations of passwords. | DISA STIG SQL Server 2016 Instance DB Audit v2r11 | MS_SQLDB | IDENTIFICATION AND AUTHENTICATION |
| SQL6-D0-008300 - Confidentiality of information during transmission is controlled through the use of an approved TLS version. | DISA STIG SQL Server 2016 Instance OS Audit v2r11 | Windows | IDENTIFICATION AND AUTHENTICATION |
| TCAT-AS-000690 - LDAP authentication must be secured. | DISA STIG Apache Tomcat Application Server 9 v2r7 | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCPG-70-000011 - VMware Postgres must be configured to use Transport Layer Security (TLS). | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000168 - Oracle WebLogic must encrypt passwords during transmission. | Oracle WebLogic Server 12c Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r1 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Linux v2r1 Middleware | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBLC-05-000169 - Oracle WebLogic must utilize encryption when using LDAP for authentication. | Oracle WebLogic Server 12c Windows v2r1 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - administrative security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000170 - The WebSphere Application Server global application security must be enabled - application security | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION |
| WN12-SO-000030 - Unencrypted passwords must not be sent to third-party SMB Servers. | DISA Windows Server 2012 and 2012 R2 MS STIG v3r7 | Windows | IDENTIFICATION AND AUTHENTICATION |
| WN19-SO-000180 - Windows Server 2019 unencrypted passwords must not be sent to third-party Server Message Block (SMB) servers. | DISA Windows Server 2019 STIG v2r8 | Windows | IDENTIFICATION AND AUTHENTICATION |
