Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002233
CCI
CCI|CCI-002233
Title
Prevent the organization-defined software from executing at higher privilege levels than users executing the software.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 14 v1r4
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 14 v1r4
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 16 v2r1
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r1
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r1
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 v2r1
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r1
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r1
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 18 v1r1
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 18 v1r1
Big Sur - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Catalina v1.5.0 - All Profiles
DKER-EE-003200 - Docker Enterprise images must be built with the USER instruction to prevent containers from running as root.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r2
GEN000920 - The root account's home directory (other than /) must have mode 0700.
Unix
DISA STIG Solaris 10 X86 v2r4
GEN000920 - The root account's home directory (other than /) must have mode 0700.
Unix
DISA STIG Solaris 10 SPARC v2r4
Monterey - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Monterey v1.0.0 - All Profiles
MYS8-00-010600 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
MySQLDB
DISA Oracle MySQL 8.0 v2r2 DB
SQL6-D0-002900 - Execution of stored procedures and functions that utilize execute as must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Database Audit v3r2
SQL6-D0-010500 - Use of credentials and proxies must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v3r2
SQL6-D0-016400 - Execution of startup stored procedures must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v3r2