Item Search

NameAudit NamePluginCategory
AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA STIG Apache Server 2.4 Unix Server v3r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA STIG Apache Server 2.4 Unix Server v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Unix Server v3r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Unix Server v3r1Unix

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000280 - Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Windows Server v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Windows Server v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W2-000440 - Anonymous user access to the Apache web server application directories must be prohibited.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

AS24-W2-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionalityDISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND COMMUNICATIONS PROTECTION

EX13-MB-000100 - Exchange Mailbox databases must reside on a dedicated partition.DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition.DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SI-000221 - Anonymous IIS 10.0 website access accounts must be restricted.DISA IIS 10.0 Site v2r9Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA IIS 10.0 Server v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 10.0 Server v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000131 - IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality.DISA RedHat JBoss EAP 6.3 STIG v2r4Unix

SYSTEM AND COMMUNICATIONS PROTECTION

MD3X-00-000390 - MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).DISA STIG MongoDB Enterprise Advanced 3.x v2r3 DBMongoDB

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

O112-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

O121-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality.DISA STIG Oracle 12c v3r1 DatabaseOracleDB

SYSTEM AND COMMUNICATIONS PROTECTION

PGS9-00-008500 - PostgreSQL must separate user functionality (including user interface services) from database management functionality.DISA STIG PostgreSQL 9.x on RHEL OS v2r5Unix

SYSTEM AND COMMUNICATIONS PROTECTION

RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access.DISA Red Hat Enterprise Linux 9 STIG v2r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

SP13-00-000150 - The SharePoint Central Administration site must not be accessible from Extranet or Internet connections.DISA STIG SharePoint 2013 v2r3Windows

SYSTEM AND COMMUNICATIONS PROTECTION

SQL4-00-020500 - SQL Server must be configured to separate user functionality (including user interface services) from database management functionality - including UI services from database management functionality.DISA STIG SQL Server 2014 Instance DB Audit v2r4MS_SQLDB

SYSTEM AND COMMUNICATIONS PROTECTION

SRG-OS-000132-ESXI5 - vSphere management traffic must be on a restricted network.DISA STIG VMWare ESXi Server 5 STIG v2r1VMware

SYSTEM AND COMMUNICATIONS PROTECTION

TCAT-AS-000790 - Access to Tomcat manager application must be restricted.DISA STIG Apache Tomcat Application Server 9 v3r1 MiddlewareUnix

SYSTEM AND COMMUNICATIONS PROTECTION

VCEM-67-000017 - ESX Agent Manager directory tree must have permissions in an 'out-of-the box' state - out-of-the box state.DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCEM-70-000017 - ESX Agent Manager directory tree must have permissions in an out-of-the-box state - out-of-the box state.DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCLD-70-000009 - VAMI server binaries and libraries must be verified for their integrity.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCLU-70-000017 - Lookup Service directory tree must have permissions in an out-of-the-box state - out-of-the box state.DISA STIG VMware vSphere 7.0 Lookup Service v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-67-000016 - Performance Charts directory tree must have permissions in an 'out-of-the box' state - out-of-the box state.DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCPF-70-000017 - Performance Charts directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCSA-70-000095 - The vCenter Server users must have the correct roles assigned.DISA STIG VMware vSphere 7.0 vCenter v1r3VMware

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCSA-80-000095 The vCenter Server user roles must be verified.DISA VMware vSphere 8.0 vCenter STIG v2r1VMware

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCST-67-000017 - The Security Token Service directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 STS Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCST-70-000017 - The Security Token Service directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 STS Tomcat v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCUI-67-000016 - vSphere UI directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state.DISA STIG VMware vSphere 6.7 UI Tomcat v1r3Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCUI-70-000017 - The vSphere UI directory tree must have permissions in an out-of-the-box state.DISA STIG VMware vSphere 7.0 vCA UI v1r2Unix

CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION

VCWN-65-000005 - The vCenter Server for Windows users must have the correct roles assigned.DISA STIG VMware vSphere vCenter 6.5 v2r3VMware

SYSTEM AND COMMUNICATIONS PROTECTION

WBLC-08-000222 - Oracle WebLogic must separate hosted application functionality from Oracle WebLogic management functionality.Oracle WebLogic Server 12c Windows v2r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000006-DC - Data files owned by users must be on a different logical partition from the directory server data files.DISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - RolesDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - ServicesDISA Windows Server 2012 and 2012 R2 DC STIG v3r7Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WPAW-00-001300 - A Windows PAW used to manage domain controllers and directory services must not be used to manage any other type of high-value IT resource.DISA MS Windows Privileged Access Workstation v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION

WPAW-00-001500 - In a Windows PAW, administrator accounts used for maintaining the PAW must be separate from administrative accounts used to manage high-value IT resources.DISA MS Windows Privileged Access Workstation v3r1Windows

SYSTEM AND COMMUNICATIONS PROTECTION