| 1.5.5 Ensure number of concurrent sessions is limited | CIS Amazon Linux 2 STIG v2.0.0 STIG | Unix | ACCESS CONTROL |
| ALMA-09-001010 - AlmaLinux OS 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Cloud Linux AlmaLinux OS 9 STIG v1r6 | Unix | ACCESS CONTROL |
| ARST-ND-000010 - The Arista network device must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type. | DISA STIG Arista MLS EOS 4.2x NDM v2r1 | Arista | ACCESS CONTROL |
| AZLX-23-002395 - Amazon Linux 2023 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Amazon Linux 2023 STIG v1r2 | Unix | ACCESS CONTROL |
| BIND-9X-001010 - A BIND 9.x primary name server must limit the number of concurrent zone transfers between authorized secondary name servers. | DISA BIND 9.x STIG v3r1 | Unix | ACCESS CONTROL |
| BIND-9X-001020 - The BIND 9.x secondary name server must limit the number of zones requested from a single primary name server. | DISA BIND 9.x STIG v3r1 | Unix | ACCESS CONTROL |
| BIND-9X-001040 - The BIND 9.x server implementation must limit the number of concurrent session client connections. | DISA BIND 9.x STIG v3r1 | Unix | ACCESS CONTROL |
| BIND-9X-002480 - The BIND 9.x server implementation must limit the number of allowed dynamic update clients. | DISA BIND 9.x STIG v3r1 | Unix | ACCESS CONTROL |
| CD12-00-001200 - PostgreSQL must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA STIG Crunchy Data PostgreSQL DB v3r1 | PostgreSQLDB | ACCESS CONTROL |
| Configuring the BIG-IP system to exclude inode information from Etags | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| ESXI-80-000008 - The ESXi host must enable lockdown mode. | DISA VMware vSphere 8.0 ESXi STIG v2r3 VMware | VMware | ACCESS CONTROL |
| F5BI-AP-000239 - The F5 BIG-IP appliance must be configured to set the 'Max In Progress Sessions per Client IP' value to 10 or less - Max In Progress Sessions per Client IP value to 10 or less. | DISA F5 BIG-IP Access Policy Manager STIG v2r4 | F5 | ACCESS CONTROL |
| F5BI-AP-300164 - The F5 BIG-IP appliance must be configured to set the "Max In Progress Sessions per Client IP" value to 10 or an organizational-defined number. | DISA F5 BIG-IP TMOS ALG STIG v1r2 | F5 | ACCESS CONTROL |
| IBMW-LS-000010 - Maximum in-memory session count must be set according to application requirements. | DISA IBM WebSphere Liberty Server STIG v2r4 | Unix | ACCESS CONTROL |
| JUEX-NM-000010 - The Juniper EX switch must be configured to limit the number of concurrent management sessions to 10 or an organization-defined value. | DISA Juniper EX Series Network Device Management v2r4 | Juniper | ACCESS CONTROL |
| Modifying the list of ciphers and MAC and key exchange algorithms used by the SSH service on the BIG-IP system or BIG-IQ system | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| MYS8-00-000200 - MySQL Database Server 8.0 must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| O19C-00-000100 - Oracle Database must limit the number of concurrent sessions for each system account to an organization-defined number of sessions. | DISA Oracle Database 19c STIG v1r5 OracleDB | OracleDB | ACCESS CONTROL |
| O19C-00-000200 - Oracle Database must protect against or limit the effects of organization-defined types of denial-of-service (DoS) attacks. | DISA Oracle Database 19c STIG v1r5 Unix | Unix | ACCESS CONTROL |
| OL09-00-002415 - OL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Oracle Linux 9 STIG v1r5 | Unix | ACCESS CONTROL |
| OS10-NDM-000010 - The Dell OS10 Switch must limit the number of concurrent sessions to an organization-defined number for each administrator account and/or administrator account type. | DISA Dell OS10 Switch NDM STIG v1r1 | Dell_OS10 | ACCESS CONTROL |
| Overview of Appliance mode | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| PHTN-67-000004 - The Photon operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL |
| RHEL-08-020024 - RHEL 8 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 8 STIG v2r7 | Unix | ACCESS CONTROL |
| RHEL-09-412040 - RHEL 9 must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Red Hat Enterprise Linux 9 STIG v2r8 | Unix | ACCESS CONTROL |
| SQLI-22-003600 - SQL Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | DISA Microsoft SQL Server 2022 Instance STIG v1r4 MS_SQLDB | MS_SQLDB | ACCESS CONTROL |
| UBTU-22-412020 - Ubuntu 22.04 LTS must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA Canonical Ubuntu 22.04 LTS STIG v2r8 | Unix | ACCESS CONTROL |
| UBTU-24-200000 - Ubuntu 24.04 LTS must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA Canonical Ubuntu 24.04 LTS STIG v1r5 | Unix | ACCESS CONTROL |
| Unable to limit Configuration utility access to clients using only TLSv1.1 or TLSv1.2 | Tenable F5 BIG-IP Best Practice Audit | F5 | ACCESS CONTROL |
| VCEM-67-000001 - ESX Agent Manager must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL |
| VCEM-67-000003 - ESX Agent Manager must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL |
| VCFL-67-000002 - vSphere Client must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| VCFL-67-000003 - vSphere Client must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL |
| VCLD-67-000001 - VAMI must limit the number of simultaneous requests. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | ACCESS CONTROL |
| VCLU-70-000001 - Lookup Service must limit the amount of time that each Transport Control Protocol (TCP) connection is kept alive - TCP connection is kept alive. | DISA STIG VMware vSphere 7.0 Lookup Service v1r2 | Unix | ACCESS CONTROL |
| VCLU-80-000126 The vCenter Lookup service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1 | Unix | ACCESS CONTROL |
| VCPF-67-000001 - Performance Charts must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCPF-67-000003 - Performance Charts must limit the maximum size of a POST request. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCPF-70-000002 - Performance Charts must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | ACCESS CONTROL |
| VCPF-80-000125 The vCenter Perfcharts service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Perfcharts STIG v2r1 | Unix | ACCESS CONTROL |
| VCRP-67-000001 - The rhttpproxy must drop connections to disconnected clients. | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | ACCESS CONTROL |
| VCRP-70-000001 - Envoy must drop connections to disconnected clients. | DISA STIG VMware vSphere 7.0 RhttpProxy v1r1 | Unix | ACCESS CONTROL |
| VCST-67-000002 - The Security Token Service must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCST-70-000002 - The Security Token Service must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | ACCESS CONTROL |
| VCST-70-000003 - The Security Token Service must limit the maximum size of a POST request. | DISA STIG VMware vSphere 7.0 STS Tomcat v1r2 | Unix | ACCESS CONTROL |
| VCST-80-000126 The vCenter STS service must limit the number of times that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance Secure Token Service (STS) STIG v2r1 | Unix | ACCESS CONTROL |
| VCUI-67-000002 - vSphere UI must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL |
| VCUI-70-000002 - vSphere UI must limit the number of concurrent connections permitted. | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL |
| VCUI-80-000125 The vCenter UI service must limit the amount of time that each Transmission Control Protocol (TCP) connection is kept alive. | DISA VMware vSphere 8.0 vCenter Appliance User Interface (UI) STIG v2r1 | Unix | ACCESS CONTROL |
| WBSP-AS-000010 - The WebSphere Application Server maximum in-memory session count must be set according to application requirements. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | ACCESS CONTROL |
