800-53|SI-11a.

Title

ERROR HANDLING

Description

Generates error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries; and

Reference Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

Family: SYSTEM AND INFORMATION INTEGRITY

Baseline Impact: MODERATE,HIGH

Audit Items

View all Reference Audit Items

NamePluginAudit Name
3.2 Ensure 'debug' is turned off - ApplicationsWindowsCIS IIS 8.0 v1.5.0 Level 2
3.2 Ensure 'debug' is turned off - ApplicationsWindowsCIS IIS 7 L2 v1.8.0
3.2 Ensure 'debug' is turned off - DefaultWindowsCIS IIS 7 L2 v1.8.0
3.2 Ensure 'debug' is turned off - DefaultWindowsCIS IIS 8.0 v1.5.0 Level 2
3.3 Ensure Custom Error Messages are not Off - ApplicationsWindowsCIS IIS 8.0 v1.5.0 Level 2
3.3 Ensure Custom Error Messages are not Off - ApplicationsWindowsCIS IIS 7 L2 v1.8.0
3.3 Ensure Custom Error Messages are not Off - DefaultWindowsCIS IIS 7 L2 v1.8.0
3.3 Ensure Custom Error Messages are not Off - DefaultWindowsCIS IIS 8.0 v1.5.0 Level 2
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - ApplicationsWindowsCIS IIS 8.0 v1.5.0 Level 1
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - ApplicationsWindowsCIS IIS 7 L1 v1.8.0
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultWindowsCIS IIS 7 L1 v1.8.0
3.4 Ensure IIS HTTP detailed errors are hidden from displaying remotely - DefaultWindowsCIS IIS 8.0 v1.5.0 Level 1
3.5 Ensure ASP.NET stack tracing is not enabled - ApplicationsWindowsCIS IIS 8.0 v1.5.0 Level 2
3.5 Ensure ASP.NET stack tracing is not enabled - ApplicationsWindowsCIS IIS 7 L2 v1.8.0
3.5 Ensure ASP.NET stack tracing is not enabled - DefaultWindowsCIS IIS 8.0 v1.5.0 Level 2
3.5 Ensure ASP.NET stack tracing is not enabled - DefaultWindowsCIS IIS 7 L2 v1.8.0
7.3 Ensure compilation or scripting of database pages via the PageParserPaths elements is not allowedWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
7.3 Ensure compilation or scripting of database pages via the PageParserPaths elements is not allowedWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
7.4 Ensure the SharePoint CallStack and AllowPageLevelTrace 'SafeMode' parameters are set to false - AllowPageLevelTraceWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
7.4 Ensure the SharePoint CallStack and AllowPageLevelTrace 'SafeMode' parameters are set to false - AllowPageLevelTraceWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
7.4 Ensure the SharePoint CallStack and AllowPageLevelTrace 'SafeMode' parameters are set to false - CallStackWindowsCIS Microsoft SharePoint 2016 OS v1.1.0
7.4 Ensure the SharePoint CallStack and AllowPageLevelTrace 'SafeMode' parameters are set to false - CallStackWindowsCIS Microsoft SharePoint 2019 OS v1.0.0
12 - AutoSupport - Remove Private DataNetapp_APINetApp Security Hardening Guide for ONTAP 9 v1.7.0
13 - Disable stacktrace in response bodyUnixTNS Best Practice JBoss 7 Linux
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
18.8.22.1.3 Ensure 'Turn off handwriting recognition error reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 v3.2.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 v3.2.0
18.8.22.1.14 Ensure 'Turn off Windows Error Reporting' is set to 'Enabled'WindowsCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0
AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.UnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.UnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - LogLevelUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - LogLevelUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - TraceEnableUnixDISA STIG Apache Server 2.4 Unix Server v2r5
AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - TraceEnableUnixDISA STIG Apache Server 2.4 Unix Server v2r5 Middleware
AS24-U2-000620 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000620 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000630 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000630 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.UnixDISA STIG Apache Server 2.4 Unix Site v2r2 Middleware
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.UnixDISA STIG Apache Server 2.4 Unix Site v2r2
AS24-W1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.WindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled.WindowsDISA STIG Apache Server 2.4 Windows Server v2r2
AS24-W2-000610 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Generate Error Messages without Exploitable InformationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Generate Error Messages without Exploitable InformationUnixNIST macOS Catalina v1.5.0 - All Profiles
DTBC-0068 - Chrome development tools must be disabled.WindowsDISA STIG Google Chrome v2r6
DTBI1135-IE11 - Internet Explorer Development Tools Must Be Disabled.WindowsDISA STIG IE 11 v2r2
FFOX-00-000015 - Firefox development tools must be disabled.UnixDISA STIG Mozilla Firefox MacOS v6r3