CCI|CCI-001310

Title

Checks the validity of organization-defined information inputs to the system.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.10 VCUI-80-000065UnixCIS VMware vSphere 8.0 vCenter Appliance User Interface UI STIG v1.0.0 CAT II
1.11 VCEM-80-000065UnixCIS VMware vSphere 8.0 vCenter Appliance ESX Agent Manager EAM STIG v1.0.0 CAT II
1.11 VCLU-80-000065UnixCIS VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v1.0.0 CAT II
1.11 VCPF-80-000065UnixCIS VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v1.0.0 CAT II
1.11 VCST-80-000065UnixCIS VMware vSphere 8.0 vCenter Appliance Secure Token Service STS STIG v1.0.0 CAT II
1.13 VCLD-80-000061UnixCIS VMware vSphere 8.0 vCenter Appliance Management Interface VAMI STIG v1.0.0 CAT II
1.15 SQLD-22-002100MS_SQLDBCIS Microsoft SQL Server 2022 Database STIG v1.0.0 CAT II
1.18 VCEM-80-000127UnixCIS VMware vSphere 8.0 vCenter Appliance ESX Agent Manager EAM STIG v1.0.0 CAT II
1.18 VCLU-80-000127UnixCIS VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v1.0.0 CAT II
1.18 VCPF-80-000127UnixCIS VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v1.0.0 CAT II
1.18 VCUI-80-000127UnixCIS VMware vSphere 8.0 vCenter Appliance User Interface UI STIG v1.0.0 CAT II
1.19 VCST-80-000127UnixCIS VMware vSphere 8.0 vCenter Appliance Secure Token Service STS STIG v1.0.0 CAT II
1.40 SQLI-22-010010MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.41 SQLI-22-010020MS_SQLDBCIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.49 MADB-10-005700MySQLDBCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.50 MADB-10-005800MySQLDBCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.51 MADB-10-005900UnixCIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II Unix
1.86 O19C-00-017900OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
1.87 O19C-00-018000OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
1.88 O19C-00-018100OracleDBCIS Oracle Database 19c STIG v1.1.0 CAT II OracleDB
CD12-00-001800 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CD12-00-001900 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CD12-00-002000 - PostgreSQL and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
CD16-00-005700 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization.UnixDISA Crunchy Data Postgres 16 STIG v1r2 Unix
CD16-00-005800 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it.UnixDISA Crunchy Data Postgres 16 STIG v1r2 Unix
CD16-00-005900 - PostgreSQL and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBDISA Crunchy Data Postgres 16 STIG v1r2 PostgreSQLDB
DB2X-00-005900 - DB2 must check the validity of all data inputs except those specifically identified by the organization.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
F5BI-AP-300064 - The F5 BIG-IP appliance must check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP TMOS ALG STIG v1r2
F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Application Security Manager STIG v2r2
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r4
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r14
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r10
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v3r6
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r9
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r7
MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization.MySQLDBDISA MariaDB Enterprise 10.x STIG v2r5 MySQLDB
MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it.MySQLDBDISA MariaDB Enterprise 10.x STIG v2r5 MySQLDB
MADB-10-005900 - MariaDB and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.UnixDISA MariaDB Enterprise 10.x STIG v2r5 Unix
MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD3X-00-000500 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-001000 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
MD4X-00-004100 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS