CAT|I

Title

DISA Severity Level 1

Description

Any vulnerability, the exploitation of which will directly and immediately result in loss of Confidentiality, Availability, or Integrity.

Reference Item Details

Category: Severity Level

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.1 JBoss Enterprise Application Platform should be a vendor supported versionUnixRedhat JBoss EAP 5.x
1.1/1.2 - JBoss Enterprise Application Platform/Ensure Java Runtime Environment in use is a supported versionUnixRedhat JBoss EAP 5.x
1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties and normal operational tasks.WindowsDISA Windows Server 2008 DC STIG v6r47
1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties and normal operational tasks.WindowsDISA Windows Server 2008 MS STIG v6r46
1.006 - Users with Administrative privilege are not documented or do not have separate accounts for administrative duties.WindowsDISA Windows Vista STIG v6r41
1.006 - Users with administrative privilege must be documented and have separate accounts for administrative duties and normal operational tasks.WindowsDISA Windows 7 STIG v1r32
1.006 - Users with Administrative privilege will be documented and have separate accounts for administrative duties and normal operational tasks.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
1.006 - Users with Administrative privilege will be documented and have separate accounts for administrative duties and normal operational tasks.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
1.006-01 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
1.006-01 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.WindowsDISA Windows Server 2008 DC STIG v6r47
1.006-01 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.WindowsDISA Windows Server 2008 MS STIG v6r46
1.006-01 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email.WindowsDISA Windows 7 STIG v1r32
1.006-01 - Policy must require that administrative user accounts not be used with applications that access the internet.WindowsDISA Windows Vista STIG v6r41
1.23 snmp-adaptor.sar must not be deployed - 'JBOSS_HOME/server/@PROFILE@/deploy/snmp-adaptor.sar'UnixRedhat JBoss EAP 5.x
1.290 - The system must not have accounts configured with blank or null passwords - password-authUnixTenable Fedora Linux Best Practices v2.0.0
1.440 - The system must not allow an unattended or automatic logon to the system via a graphical user interface.UnixTenable Fedora Linux Best Practices v2.0.0
1.450 - The system must not allow an unrestricted logon to the system.UnixTenable Fedora Linux Best Practices v2.0.0
1.480 - systems prior to version 7.2 with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - passwordUnixTenable Fedora Linux Best Practices v2.0.0
1.480 - systems prior to version 7.2 with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - superusersUnixTenable Fedora Linux Best Practices v2.0.0
1.482 - systems version 7.2 or newer with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - passwordUnixTenable Fedora Linux Best Practices v2.0.0
1.482 - systems version 7.2 or newer with a Basic Input/Output System (BIOS) must require authentication upon booting into single-user and maintenance modes - superusersUnixTenable Fedora Linux Best Practices v2.0.0
1.490 - systems prior to version 7.2 using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - passwordUnixTenable Fedora Linux Best Practices v2.0.0
1.490 - systems prior to version 7.2 using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - superusersUnixTenable Fedora Linux Best Practices v2.0.0
1.491 - systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - passwordUnixTenable Fedora Linux Best Practices v2.0.0
1.491 - systems version 7.2 or newer using Unified Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user and maintenance modes - superusersUnixTenable Fedora Linux Best Practices v2.0.0
2.005 - Systems must be at supported service pack (SP) or release levels.WindowsDISA Windows 7 STIG v1r32
2.005 - Systems must be at supported service packs (SP) or releases levels.WindowsDISA Windows Vista STIG v6r41
2.005 - Systems must be maintained at a supported version of an operating system - SP or release levels.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
2.005 - Systems must be maintained at a supported version of an operating system - SP or release levels.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
2.005 - Systems must be maintained at a supported version of an operating system - SP or releases levels.WindowsDISA Windows Server 2008 MS STIG v6r46
2.005 - Systems must be maintained at a supported version of an operating system - SP or releases levels.WindowsDISA Windows Server 2008 DC STIG v6r47
2.008 - Local volumes are not formatted using NTFS.WindowsDISA Windows Vista STIG v6r41
2.008 - Local volumes are not formatted using NTFS.WindowsDISA Windows Server 2008 DC STIG v6r47
2.008 - Local volumes are not formatted using NTFS.WindowsDISA Windows Server 2008 MS STIG v6r46
2.008 - Local volumes must be formatted using NTFS.WindowsDISA Windows 7 STIG v1r32
2.008 - Local volumes will be formatted using NTFS.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
2.008 - Local volumes will be formatted using NTFS.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
2.022 - Disallow AutoPlay/Autorun from Autorun.infWindowsDISA Windows Server 2008 DC STIG v6r47
2.022 - Disallow AutoPlay/Autorun from Autorun.infWindowsDISA Windows Vista STIG v6r41
2.022 - Disallow AutoPlay/Autorun from Autorun.infWindowsDISA Windows Server 2008 MS STIG v6r46
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows 7 STIG v1r32
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 R2 MS STIG v1r33
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 MS STIG v6r46
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 DC STIG v6r47
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Server 2008 R2 DC STIG v1r34
2.023 - Standard user accounts must only have Read permissions to the Winlogon registry key.WindowsDISA Windows Vista STIG v6r41
2.1350 - The system must implement NIST FIPS-validated cryptography - fipsUnixTenable Fedora Linux Best Practices v2.0.0
3.018 - Anonymous enumeration of shares must be restricted.WindowsDISA Windows 7 STIG v1r32
3.018 - Anonymous enumeration of shares will be restricted.WindowsDISA Windows Server 2008 R2 DC STIG v1r34