Audits
Settings
Links
Tenable.io
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Links
Tenable.io
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Audits
References
CCI
CCI-001310
CCI
CCI|CCI-001310
Title
The information system checks the validity of organization-defined inputs.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2009
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.
F5
DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.
F5
DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.
Windows
DISA IIS 10.0 Site v2r5
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.
Windows
DISA IIS 10.0 Server v2r5
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.
Windows
DISA IIS 8.5 Site v2r5
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.
Windows
DISA IIS 8.5 Server v2r3
MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS
MD3X-00-000500 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS
MD4X-00-001000 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS
MD4X-00-004100 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r1 OS
VCEM-67-000020 - ESX Agent Manager must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 EAM Tomcat v1r2
VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter
Unix
DISA STIG VMware vSphere 6.7 EAM Tomcat v1r2
VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter-mapping
Unix
DISA STIG VMware vSphere 6.7 EAM Tomcat v1r2
VCFL-67-000021 - vSphere Client must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 Virgo Client v1r1
VCLD-67-000028 - VAMI must set the encoding for all text mime types to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r2
VCPF-67-000019 - Performance Charts must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r2
VCPF-67-000020 - Performance Charts must use the 'setCharacterEncodingFilter' filter - filter
Unix
DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r2
VCPF-67-000020 - Performance Charts must use the 'setCharacterEncodingFilter' filter - filter-mapping
Unix
DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r2
VCST-67-000020 - The Security Token Service must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 STS Tomcat v1r2
VCST-67-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter - filter
Unix
DISA STIG VMware vSphere 6.7 STS Tomcat v1r2
VCST-67-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter - filter-mapping
Unix
DISA STIG VMware vSphere 6.7 STS Tomcat v1r2
VCUI-67-000019 - vSphere UI must set URIEncoding to UTF-8.
Unix
DISA STIG VMware vSphere 6.7 UI Tomcat v1r2
WDNS-SI-000001 - The Windows 2012 DNS Server must be configured to only allow zone information that reflects the environment for which it is authoritative, to include IP ranges and IP versions.
Windows
DISA Microsoft Windows 2012 Server DNS STIG v2r5