| 4.1 Ensure 'maxAllowedContentLength' is configured - Default | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 4.4 Ensure non-ASCII characters in URLs are not allowed - Applications | CIS IIS 10 v1.1.0 Level 2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| 10.17 Setting Security Lifecycle Listener - check for config component | CIS Apache Tomcat 9 L1 v1.0.0 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| 10.17 Setting Security Lifecycle Listener - check for config component | CIS Apache Tomcat 9 L1 v1.0.0 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Information Input Validation | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Information Input Validation | NIST macOS Big Sur v1.4.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Information Input Validation | NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Big Sur - Must behave in predictable and documented manner | NIST macOS Big Sur v1.4.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Information Input Validation | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Information Input Validation | NIST macOS Catalina v1.5.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Information Input Validation | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Catalina - Must behave in predictable and documented manner | NIST macOS Catalina v1.5.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization. | EnterpriseDB PostgreSQL Advanced Server DB v1r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it. | EnterpriseDB PostgreSQL Advanced Server DB v1r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| EPAS-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | EnterpriseDB PostgreSQL Advanced Server DB v1r1 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SI-000227 - The IIS 8.5 websites Maximum Query String limit must be configured. | DISA IIS 8.5 Site v1r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005700 - MariaDB must check the validity of all data inputs except those specifically identified by the organization. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MADB-10-005800 - MariaDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-001000 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MD4X-00-004100 - MongoDB must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 OS | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Information Input Validation | NIST macOS Monterey v1.0.0 - 800-53r5 High | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Information Input Validation | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Information Input Validation | NIST macOS Monterey v1.0.0 - 800-53r5 Moderate | Unix | SYSTEM AND INFORMATION INTEGRITY |
| Monterey - Must behave in predictable and documented manner | NIST macOS Monterey v1.0.0 - All Profiles | Unix | SYSTEM AND INFORMATION INTEGRITY |
| MYS8-00-007400 - The MySQL Database Server 8.0 and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL2-00-022500 - SQL Server must check the validity of data inputs. | DISA STIG SQL Server 2012 Database Audit v1r20 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031500 - The DBMS and associated applications must reserve the use of dynamic code execution for situations that require it. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-031600 - The DBMS and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack. | DISA STIG SQL Server 2014 Database Audit v1r6 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-67-000021 - ESX Agent Manager must use the 'setCharacterEncodingFilter' filter - filter | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCEM-70-000020 - ESX Agent Manager must set URIEncoding to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 7.0 EAM Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPF-70-000021 - Performance Charts must use the 'setCharacterEncodingFilter' filter. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-67-000020 - The Security Token Service must set 'URIEncoding' to UTF-8 - URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-70-000020 - The Security Token Service must set 'URIEncoding' to UTF-8. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-70-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter. - filter | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCST-70-000021 - The Security Token Service must use the 'setCharacterEncodingFilter' filter. - filter-mapping | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-67-000019 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCUI-70-000021 - vSphere UI must set URIEncoding to UTF-8. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6080 IIS6 - The AllowRestrictedChars registry key must be disabled. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6082 IIS6 - The EnableNonUTF8 registry key must be disabled. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6084 IIS6 - The FavorUTF8 registry key must be set properly. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6092 IIS6 - The PercentUAllowed registry entry must be set properly. | DISA STIG IIS 6.0 Server v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6210 - The web-site must limit the number of bytes accepted in a request. | DISA IIS 7.0 Web Site v1r19 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6220 - The production web-site must limit the MaxURL. | DISA IIS 7.0 Web Site v1r19 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6230 - The production web-site must configure the Maximum Query String limit. | DISA IIS 7.0 Web Site v1r19 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WA000-WI6240 - The web-site must not allow non-ASCII characters in URLs. | DISA IIS 7.0 Web Site v1r19 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WG460 A22 - PERL scripts must use the TAINT option. | DISA STIG Apache Site 2.2 Unix v1r11 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG460 A22 - PERL scripts must use the TAINT option. | DISA STIG Apache Site 2.2 Unix v1r10 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG460 A22 - PERL scripts must use the TAINT option. | DISA STIG Apache Site 2.2 Unix v1r11 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WG460 IIS6 - PERL scripts must use the TAINT option. | DISA STIG IIS 6.0 Site Checklist v6r16 | Windows | SYSTEM AND INFORMATION INTEGRITY |
