Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-000197
CCI
CCI|CCI-000197
Title
For password-based authentication, transmit passwords only cryptographically-protected channels.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.4 SLES-15-010030
Unix
CIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT I
1.4 UBTU-24-100030
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT I
1.14 AZLX-23-000300
Unix
CIS Amazon Linux 2023 STIG v1.0.0 CAT I
1.14 VCSA-80-000077
VMware
CIS VMware vSphere 8.0 vCenter STIG v1.0.0 CAT I
1.15 UBTU-22-215035
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT I
1.16 IBMW-LS-000450
Unix
CIS IBM WebSphere Liberty Server STIG v1.0.0 CAT I
1.18 SLES-15-010180
Unix
CIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT I
1.19 PHTN-40-000040
Unix
CIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT I
1.21 RHEL-10-200070
Unix
CIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.23 RHEL-10-200090
Unix
CIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT I
1.31 SQLI-22-008200
MS_SQLDB
CIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT I MS_SQLDB
1.32 OL09-00-000130
Unix
CIS Oracle Linux 9 STIG v1.0.0 CAT I
1.32 SQLI-22-008300
Windows
CIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT I Windows
1.33 MADB-10-003900
MySQLDB
CIS MariaDB Enterprise 10.x STIG v1.1.0 CAT I MySQLDB
1.50 RHEL-09-215015
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT I
1.71 O19C-00-014900
Unix
CIS Oracle Database 19c STIG v1.1.0 CAT II Unix
1.71 O19C-00-014900
Windows
CIS Oracle Database 19c STIG v1.1.0 CAT II Windows
1.79 APPL-14-002038
Unix
CIS Apple macOS 14 Sonoma STIG v1.0.0 CAT I
1.81 APPL-26-002038
Unix
CIS Apple macOS 26 Tahoe STIG v1.0.0 CAT I
1.130 SOL-11.1-050240
Unix
CIS Solaris 11 X86 STIG v1.0.0 CAT II
1.132 SOL-11.1-050240
Unix
CIS Solaris 11 SPARC STIG v1.0.0 CAT II
1.205 WN10-SO-000110
Windows
CIS Microsoft Windows 10 STIG v1.0.0 CAT II
1.223 WN16-SO-000210
Windows
CIS Microsoft Windows Server 2016 STIG v4.0.0 MS CAT II
1.223 WN16-SO-000210
Windows
CIS Microsoft Windows Server 2016 STIG v4.0.0 DC CAT II
1.225 WN19-SO-000180
Windows
CIS Microsoft Windows Server 2019 STIG v4.0.0 DC CAT II
1.225 WN19-SO-000180
Windows
CIS Microsoft Windows Server 2019 STIG v4.0.0 MS CAT II
1.225 WN22-SO-000180
Windows
CIS Microsoft Windows Server 2022 STIG v3.0.0 DC CAT II
1.225 WN22-SO-000180
Windows
CIS Microsoft Windows Server 2022 STIG v3.0.0 MS CAT II
1.296 ALMA-09-037750
Unix
CIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.297 ALMA-09-037860
Unix
CIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT I
1.432 RHEL-10-800310
Unix
CIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
3.034 - Unencrypted passwords must not be sent to third-party SMB Servers.
Windows
DISA Windows Vista STIG v6r41
5.3.29 Ensure SSH Protocol is set to 2
Unix
CIS Amazon Linux 2 STIG v2.0.1 STIG
5.3.29 Ensure SSH Protocol is set to 2
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AIX7-00-001045 - IF LDAP is used, AIX LDAP client must use SSL to authenticate with LDAP server.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-001124 - AIX root passwords must never be passed over a network in clear text form.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-002058 - The AIX rexec daemon must not be running.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-002059 - AIX telnet daemon must not be running.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-002060 - AIX ftpd daemon must not be running.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-003005 - AIX must disable /usr/bin/rcp,/usr/bin/rlogin,/usr/bin/rsh, /usr/bin/rexec and /usr/bin/telnet commands.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-003040 - The AIX rsh daemon must be disabled.
Unix
DISA IBM AIX 7.x STIG v3r2
AIX7-00-003041 - The AIX rlogind service must be disabled.
Unix
DISA IBM AIX 7.x STIG v3r2
ALMA-09-037750 - AlmaLinux OS 9 must not have any File Transfer Protocol (FTP) packages installed.
Unix
DISA Cloud Linux AlmaLinux OS 9 STIG v1r6
ALMA-09-037860 - AlmaLinux OS 9 must not have any telnet packages installed.
Unix
DISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AOSX-13-000555 - The macOS system must unload tftpd.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000605 - The macOS system must not use telnet.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-13-000606 - The macOS system must not use unencrypted FTP.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-002038 - The macOS system must be configured to disable the tftpd service.
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-15-002038 - The macOS system must be configured to disable the tftp service.
Unix
DISA STIG Apple Mac OSX 10.15 v1r10
APPL-11-002038 - Apple macOS must be configured to disable the tftp service.
Unix
DISA STIG Apple macOS 11 v1r8