CCI|CCI-001310

Title

The information system checks the validity of organization-defined inputs.

Reference Item Details

Category: 2009

Audit Items

View all Reference Audit Items

NamePluginAudit Name
DB2X-00-005900 - DB2 must check the validity of all data inputs except those specifically identified by the organization.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-005900 - DB2 must check the validity of all data inputs except those specifically identified by the organization.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r2
EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r3
EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r3
EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r2
EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r2
EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r3
EPAS-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v1r1
EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v1r1
EPAS-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v1r1
F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Application Security Manager STIG v2r1
F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Application Security Manager 11.x STIG v1r1
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Local Traffic Manager STIG v2r3
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v1r3
F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.F5DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r2
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r9
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r5
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r7
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r8
IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r1
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r8
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r5
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r1
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r9
IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.WindowsDISA IIS 10.0 Server v2r10
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r5
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r9
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r8
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r7
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v1r9
IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r1
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r3
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r6
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r1
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v1r9
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r5
IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.WindowsDISA IIS 8.5 Server v2r7
MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization.MySQLDBDISA MariaDB Enterprise 10.x v1r2 DB
MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization.MySQLDBDISA MariaDB Enterprise 10.x v1r3 DB
MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it.MySQLDBDISA MariaDB Enterprise 10.x v1r3 DB
MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it.MySQLDBDISA MariaDB Enterprise 10.x v1r2 DB
MADB-10-005900 - MariaDB and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.MySQLDBDISA MariaDB Enterprise 10.x v1r2 DB
MADB-10-005900 - MariaDB and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.MySQLDBDISA MariaDB Enterprise 10.x v1r3 DB
MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.UnixDISA STIG MongoDB Enterprise Advanced 3.x v1r1