Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002233
CCI
CCI|CCI-002233
Title
The information system prevents organization-defined software from executing at higher privilege levels than users executing the software.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
AIX7-00-001138 - NFS file systems on AIX must be mounted with the nosuid option unless the NFS file systems contain approved setuid or setgid programs.
Unix
DISA STIG AIX 7.x v2r9
Big Sur - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Catalina v1.5.0 - All Profiles
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r1
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1
DKER-EE-003200 - Docker Enterprise images must be built with the USER instruction to prevent containers from running as root.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r1
EP11-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r2
EP11-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r2
GEN000520 - The root user must not own the logon session for an application requiring a continuous display.
Unix
DISA STIG Solaris 10 X86 v2r4
GEN000520 - The root user must not own the logon session for an application requiring a continuous display.
Unix
DISA STIG Solaris 10 SPARC v2r4
GEN000920 - The root account's home directory (other than /) must have mode 0700.
Unix
DISA STIG Solaris 10 SPARC v2r4
GEN000920 - The root account's home directory (other than /) must have mode 0700.
Unix
DISA STIG Solaris 10 X86 v2r4
GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
MobileIron - DISA Google Android 12 COPE v1r1
GOOG-12-008900 - Google Android 12 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 12 COPE v1r1
GOOG-13-008900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
MobileIron - DISA Google Android 13 COPE v1r1
GOOG-13-008900 - Google Android 13 must be configured to disable exceptions to the access control policy that prevent [selection: application processes, groups of application processes] from accessing [selection: all, private] data stored by other [selection: application processes, groups of application processes].
MDM
AirWatch - DISA Google Android 13 COPE v1r1
MADB-10-006900 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
MySQLDB
DISA MariaDB Enterprise 10.x v1r2 DB
Monterey - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Monterey v1.0.0 - All Profiles
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Copy/Paste
MDM
MobileIron - DISA Microsoft Android 11 COPE v1r1
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes - Sharing data into the profile
MDM
MobileIron - DISA Microsoft Android 11 COPE v1r1
MSFT-11-004500 - Microsoft Android 11 must be configured to disable exceptions to the access control policy that prevent application processes from accessing all data stored by other application processes.
MDM
AirWatch - DISA Microsoft Android 11 COPE v1r1
MYS8-00-010600 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only
MySQLDB
DISA Oracle MySQL 8.0 v1r4 DB
OL08-00-030000 - The OL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
Unix
DISA Oracle Linux 8 STIG v1r8
PGS9-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
DISA STIG PostgreSQL 9.x on RHEL DB v2r3
PPS9-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server DB Audit v2r2
PPS9-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server DB Audit v2r2
RHEL-08-030000 - The RHEL 8 audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software.
Unix
DISA Red Hat Enterprise Linux 8 STIG v1r13
RHEL-09-654010 - RHEL 9 must audit uses of the 'execve' system call.
Unix
DISA Red Hat Enterprise Linux 9 STIG v1r1
SLES-12-010600 - The SUSE operating system Apparmor tool must be configured to control whitelisted applications and user home directory access control.
Unix
DISA SLES 12 STIG v2r12
SLES-15-010390 - SUSE operating system AppArmor tool must be configured to control whitelisted applications and user home directory access control.
Unix
DISA SLES 15 STIG v1r11
SQL4-00-032600 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2014 Instance DB Audit v2r3
SQL6-D0-002900 - Execution of stored procedures and functions that utilize execute as must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Database Audit v2r8
SQL6-D0-010500 - Use of credentials and proxies must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v2r11
SQL6-D0-016400 - Execution of startup stored procedures must be restricted to necessary cases only.
MS_SQLDB
DISA STIG SQL Server 2016 Instance DB Audit v2r11
UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - egid b32
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - egid b64
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - euid b32
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-16-020350 - The audit system must be configured to audit the execution of privileged functions and prevent all software from executing at higher privilege levels than users executing the software - euid b64
Unix
DISA STIG Ubuntu 16.04 LTS v2r3
UBTU-18-010358 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions.
Unix
DISA STIG Ubuntu 18.04 LTS v2r12
UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions - b32 gid
Unix
DISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions - b32 uid
Unix
DISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions - b64 gid
Unix
DISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions - b64 uid
Unix
DISA STIG Ubuntu 20.04 LTS v1r7
UBTU-20-010211 - The Ubuntu operating system must prevent all software from executing at higher privilege levels than users executing the software and the audit system must be configured to audit the execution of privileged functions.
Unix
DISA STIG Ubuntu 20.04 LTS v1r10