| AOSX-14-000050 - The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types. | DISA STIG Apple Mac OSX 10.14 v2r5 | Unix | ACCESS CONTROL |
| AOSX-14-000050 - The macOS system must limit the number of concurrent SSH sessions to 10 for all accounts and/or account types. | DISA STIG Apple Mac OSX 10.14 v2r6 | Unix | ACCESS CONTROL |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - KeepAlive | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | ACCESS CONTROL |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - MaxKeepAliveRequests | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - httpd | DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - httpd | DISA STIG Apache Server 2.4 Unix Server v2r5 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | ACCESS CONTROL |
| AS24-U2-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Unix Site v2r2 | Unix | ACCESS CONTROL |
| AS24-U2-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Unix Site v2r2 Middleware | Unix | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Windows Server v2r2 | Windows | ACCESS CONTROL |
| AS24-W2-000020 - The Apache web server must perform server-side session management. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
| BIND-9X-001050 - The BIND 9.x secondary name server must limit the number of zones requested from a single master name server. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001051 - The BIND 9.x secondary name server must limit the total number of zones the name server can request at any one time. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| BIND-9X-001052 - The BIND 9.x server implementation must limit the number of concurrent session client connections to the number of allowed dynamic update clients. | DISA BIND 9.x STIG v2r2 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max-connections | DISA STIG Cisco IOS XE Router NDM v2r1 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max-connections | DISA STIG Cisco IOS XE Router NDM v2r3 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max connections | DISA STIG Cisco IOS Switch NDM v2r2 | Cisco | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max connections | DISA STIG Cisco IOS XE Switch NDM v2r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco IOS Switch NDM v2r3 | Cisco | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco NX-OS Switch NDM v2r1 | Cisco | ACCESS CONTROL |
| DKER-EE-001000 - The Docker Enterprise Per User Limit Login Session Control in the Universal Control Plane (UCP) Admin Settings must be set to an organization-defined value for all accounts and/or account types. | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r1 | Unix | ACCESS CONTROL |
| ESXI-67-000001 - Access to the ESXi host must be limited by enabling Lockdown Mode. | DISA STIG VMware vSphere 6.7 ESXi v1r1 | VMware | ACCESS CONTROL |
| EX13-EG-000005 - Exchange must limit the Receive connector timeout. | DISA Microsoft Exchange 2013 Edge Transport Server STIG v1r6 | Windows | ACCESS CONTROL |
| IIST-SI-000201 - The IIS 10.0 website session state must be enabled. | DISA IIS 10.0 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IIST-SI-000202 - The IIS 10.0 website session state cookie settings must be configured to Use Cookies mode. | DISA IIS 10.0 Site v2r1 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000201 - The IIS 8.5 website session state must be enabled. | DISA IIS 8.5 Site v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| IISW-SI-000202 - The IIS 8.5 website session state cookie settings must be configured to Use Cookies mode. | DISA IIS 8.5 Site v2r1 | Windows | CONFIGURATION MANAGEMENT |
| JUSX-VN-000001 - The Juniper SRX Services Gateway VPN must limit the number of concurrent sessions for user accounts to one (1) and administrative accounts to three (3), or set to an organization-defined number. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
| O112-C2-019100 - The DBMS must protect against or limit the effects of the organization-defined types of Denial of Service (DoS) attacks. | DISA STIG Oracle 11.2g v2r5 Windows | Windows | ACCESS CONTROL |
| OL6-00-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG Oracle Linux 6 v1r18 | Unix | ACCESS CONTROL |
| OL07-00-040000 - The Oracle Linux operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA Oracle Linux 7 STIG v2r14 | Unix | ACCESS CONTROL |
| SLES-15-020020 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SLES 15 STIG v1r3 | Unix | ACCESS CONTROL |
| SOL-11.1-040500 - The operating system must limit the number of concurrent sessions for each account to an organization-defined number of sessions. | DISA STIG Solaris 11 X86 v3r1 | Unix | ACCESS CONTROL |
| SRG-OS-000027-ESXI5 - The SSH daemon must limit connections to a single session. | DISA STIG VMWare ESXi Server 5 STIG v2r1 | VMware | ACCESS CONTROL |
| TCAT-AS-000010 - The number of allowed simultaneous sessions to the manager application must be limited. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
| VCEM-70-000004 - ESX Agent Manager must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000004 - vSphere Client must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLU-70-000004 - Lookup Service must protect cookies from cross-site scripting (XSS) - XSS. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-67-000004 - The Security Token Service must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCST-70-000004 - The Security Token Service must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-AC-000001 - The Windows 2012 DNS Server must restrict incoming dynamic update requests to known clients. | DISA Microsoft Windows 2012 Server DNS STIG v2r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
