Item Search

NameAudit NamePluginCategory
AS24-U1-000440 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Unix Server v2r6Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000440 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Unix Server v2r6 MiddlewareUnix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Unix Server v2r6 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Unix Server v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000280 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W2-000440 - Anonymous user access to the Apache web server application directories must be prohibited.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionalityDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

EP11-00-005100 - The EDB Postgres Advanced Server must separate user functionality (including user interface services) from database management functionality.EDB PostgreSQL Advanced Server v11 DB Audit v2r2PostgreSQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000100 - Exchange Mailbox databases must reside on a dedicated partition.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r2Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SI-000221 - Anonymous IIS 10.0 website access accounts must be restricted.DISA IIS 10.0 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000131 - IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality.DISA RedHat JBoss EAP 6.3 STIG v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-000390 - MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).DISA STIG MongoDB Enterprise Advanced 3.x v2r1 DBMongoDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

O112-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality.DISA STIG Oracle 11.2g v2r3 DatabaseOracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

O121-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality.DISA STIG Oracle 12c v2r8 DatabaseOracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

OH12-1X-000266 - OHS accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA STIG Oracle HTTP Server 12.1.3 v2r2Unix

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-008500 - PostgreSQL must separate user functionality (including user interface services) from database management functionality.DISA STIG PostgreSQL 9.x on RHEL OS v2r3Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access.DISA Red Hat Enterprise Linux 9 STIG v1r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

SQL4-00-020500 - SQL Server must be configured to separate user functionality (including user interface services) from database management functionality - including UI services from database management functionality.DISA STIG SQL Server 2014 Instance DB Audit v2r3MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

SRG-OS-000132-ESXI5 - vSphere management traffic must be on a restricted network.DISA STIG VMWare ESXi Server 5 STIG v2r1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000780 - Access to JMX management interface must be restricted.DISA STIG Apache Tomcat Application Server 9 v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000780 - Access to JMX management interface must be restricted.DISA STIG Apache Tomcat Application Server 9 v2r6 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000790 - Access to Tomcat manager application must be restricted.DISA STIG Apache Tomcat Application Server 9 v2r6Unix

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000790 - Access to Tomcat manager application must be restricted.DISA STIG Apache Tomcat Application Server 9 v2r6 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-70-000009 - VAMI server binaries and libraries must be verified for their integrity.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-67-000016 - Performance Charts directory tree must have permissions in an 'out-of-the box' state - out-of-the box state.DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-70-000017 - Performance Charts directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCSA-70-000095 - The vCenter Server users must have the correct roles assigned.DISA STIG VMware vSphere 7.0 vCenter v1r2VMware

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCST-67-000017 - The Security Token Service directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 STS Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCUI-70-000017 - The vSphere UI directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 vCA UI v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000222 - Oracle WebLogic must separate hosted application functionality from Oracle WebLogic management functionality.Oracle WebLogic Server 12c Windows v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000006-DC - Data files owned by users must be on a different logical partition from the directory server data files.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - RolesDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - ServicesDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WPAW-00-001300 - A Windows PAW used to manage domain controllers and directory services must not be used to manage any other type of high-value IT resource.DISA MS Windows Privileged Access Workstation v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION