Item Search

NameAudit NamePluginCategory
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.MobileIron - DISA Apple iOS/iPadOS 14 v1r4MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.AirWatch - DISA Apple iOS/iPadOS 14 v1r4MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

AIX7-00-001138 - NFS file systems on AIX must be mounted with the nosuid option unless the NFS file systems contain approved setuid or setgid programs.DISA STIG AIX 7.x v2r9Unix

ACCESS CONTROL

Big Sur - Prevent Software From Executing at Higher Privilege Levels than Users Executing The SoftwareNIST macOS Big Sur v1.4.0 - All ProfilesUnix

ACCESS CONTROL

Catalina - Prevent Software From Executing at Higher Privilege Levels than Users Executing The SoftwareNIST macOS Catalina v1.5.0 - All ProfilesUnix

ACCESS CONTROL

DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccessDISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member accessDISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1Unix

ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

DKER-EE-003200 - Docker Enterprise images must be built with the USER instruction to prevent containers from running as root.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

ACCESS CONTROL

EP11-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EDB PostgreSQL Advanced Server v11 DB Audit v2r3PostgreSQLDB

ACCESS CONTROL

EP11-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EDB PostgreSQL Advanced Server v11 DB Audit v2r3PostgreSQLDB

ACCESS CONTROL

EPAS-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EnterpriseDB PostgreSQL Advanced Server DB v1r1PostgreSQLDB

ACCESS CONTROL

EPAS-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EnterpriseDB PostgreSQL Advanced Server DB v1r1PostgreSQLDB

ACCESS CONTROL

GEN000520 - The root user must not own the logon session for an application requiring a continuous display.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GEN000520 - The root user must not own the logon session for an application requiring a continuous display.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000920 - The root account's home directory (other than /) must have mode 0700.DISA STIG Solaris 10 X86 v2r4Unix

ACCESS CONTROL

GEN000920 - The root account's home directory (other than /) must have mode 0700.DISA STIG Solaris 10 SPARC v2r4Unix

ACCESS CONTROL

GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].MobileIron - DISA Google Android 12 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].AirWatch - DISA Google Android 12 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].AirWatch - DISA Google Android 13 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

GOOG-13-008900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].MobileIron - DISA Google Android 13 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

MADB-10-006900 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.DISA MariaDB Enterprise 10.x v1r3 DBMySQLDB

ACCESS CONTROL

Monterey - Prevent Software From Executing at Higher Privilege Levels than Users Executing The SoftwareNIST macOS Monterey v1.0.0 - All ProfilesUnix

ACCESS CONTROL

MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Copy/PasteMobileIron - DISA Microsoft Android 11 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Sharing data into the profileMobileIron - DISA Microsoft Android 11 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes.AirWatch - DISA Microsoft Android 11 COPE v1r1MDM

ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-010600 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.DISA Oracle MySQL 8.0 v1r5 DBMySQLDB

ACCESS CONTROL

OL08-00-030000 - The OL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.DISA Oracle Linux 8 STIG v1r9Unix

ACCESS CONTROL

PGS9-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only.DISA STIG PostgreSQL 9.x on RHEL DB v2r4PostgreSQLDB

ACCESS CONTROL

PPS9-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

ACCESS CONTROL

PPS9-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

ACCESS CONTROL

RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.DISA Red Hat Enterprise Linux 8 STIG v1r14Unix

ACCESS CONTROL

RHEL-09-654010 - RHEL 9 must audit uses of the 'execve' system call.DISA Red Hat Enterprise Linux 9 STIG v1r3Unix

ACCESS CONTROL

SLES-12-010600 - The SUSE operating system Apparmor tool must be configured to control whitelisted applications and user home directory access control.DISA SLES 12 STIG v2r13Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SLES-15-010390 - SUSE operating system AppArmor tool must be configured to control whitelisted applications and user home directory access control.DISA SLES 15 STIG v1r12Unix

ACCESS CONTROL, CONFIGURATION MANAGEMENT

SQL4-00-032600 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.DISA STIG SQL Server 2014 Instance DB Audit v2r3MS_SQLDB

ACCESS CONTROL

SQL6-D0-002900 - Execution of stored procedures and functions that utilize execute as must be restricted to necessary cases only.DISA STIG SQL Server 2016 Database Audit v2r8MS_SQLDB

ACCESS CONTROL

SQL6-D0-010500 - Use of credentials and proxies must be restricted to necessary cases only.DISA STIG SQL Server 2016 Instance DB Audit v2r11MS_SQLDB

ACCESS CONTROL

SQL6-D0-016400 - Execution of startup stored procedures must be restricted to necessary cases only.DISA STIG SQL Server 2016 Instance DB Audit v2r11MS_SQLDB

ACCESS CONTROL

UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - egid b32DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - egid b64DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - euid b32DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - euid b64DISA STIG Ubuntu 16.04 LTS v2r3Unix

ACCESS CONTROL

UBTU-18-010358 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions.DISA STIG Ubuntu 18.04 LTS v2r14Unix

ACCESS CONTROL

UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions.DISA STIG Ubuntu 20.04 LTS v1r12Unix

ACCESS CONTROL