| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r5 | Unix | |
| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r5 Middleware | Unix | |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v2r5 | Unix | |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | |
| AS24-W2-000440 - Anonymous user access to the Apache web server application directories must be prohibited. | DISA STIG Apache Server 2.4 Windows Site v1r3 | Windows | |
| CNTR-K8-001360 - Kubernetes must separate user functionality. | DISA STIG Kubernetes v1r11 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionality - SYSADM_GROUP | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | ACCESS CONTROL |
| DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionality - SYSCTRL_GROUP | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | ACCESS CONTROL |
| DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionality - SYSMAINT_GROUP | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | ACCESS CONTROL |
| DB2X-00-004800 - DB2 must separate user functionality (including user interface services) from database management functionality - SYSMON_GROUP | DISA STIG IBM DB2 v10.5 LUW v1r4 Database | IBM_DB2DB | ACCESS CONTROL |
| DS00.1180_2008 - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Services | DISA Windows Server 2008 DC STIG v6r47 | Windows | CONFIGURATION MANAGEMENT |
| DS00.1180_2008_R2 - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Services | DISA Windows Server 2008 R2 DC STIG v1r34 | Windows | CONFIGURATION MANAGEMENT |
| EPAS-00-005100 - The EDB Postgres Advanced Server must separate user functionality (including user interface services) from database management functionality. | EnterpriseDB PostgreSQL Advanced Server OS Linux v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-MB-000100 - Exchange Mailbox databases must reside on a dedicated partition. | DISA Microsoft Exchange 2013 Mailbox Server STIG v1r6 | Windows | CONFIGURATION MANAGEMENT |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted - Anonymous username | DISA IIS 8.5 Site v1r9 | Windows | ACCESS CONTROL |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted - Local System Groups | DISA IIS 8.5 Site v1r9 | Windows | ACCESS CONTROL |
| IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 8.5 Server v1r9 | Windows | ACCESS CONTROL |
| IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 8.5 Server v2r3 | Windows | |
| JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality. | DISA RedHat JBoss EAP 6.3 STIG v1r4 | Unix | ACCESS CONTROL |
| MADB-10-004600 - MariaDB must separate user functionality (including user interface services) from database management functionality. | DISA MariaDB Enterprise 10.x v1r3 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MD4X-00-000700 - MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users). | DISA STIG MongoDB Enterprise Advanced 4.x v1r3 DB | MongoDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-006400 - The MySQL Database Server 8.0 must separate user functionality (including user interface services) from database management functionality. | DISA Oracle MySQL 8.0 v1r5 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-09-213010 - RHEL 9 must restrict access to the kernel message buffer. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-213015 - RHEL 9 must prevent kernel profiling by nonprivileged users. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-213025 - RHEL 9 must restrict exposed kernel pointer addresses access. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| RHEL-09-213075 - RHEL 9 must disable access to network bpf system call from nonprivileged processes. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. | DISA Red Hat Enterprise Linux 9 STIG v1r1 | Unix | |
| RHEL-09-213080 - RHEL 9 must restrict usage of ptrace to descendant processes. | DISA Red Hat Enterprise Linux 9 STIG v1r2 | Unix | |
| SRG-OS-000132-ESXI5 - vSphere management traffic must be on a restricted network | DISA STIG VMWare ESXi Server 5 STIG v1r10 | VMware | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r2 | Unix | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r6 Middleware | Unix | |
| VCEM-67-000017 - ESX Agent Manager directory tree must have permissions in an 'out-of-the box' state - out-of-the box state. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r2 | Unix | |
| VCEM-67-000017 - ESX Agent Manager directory tree must have permissions in an 'out-of-the box' state - out-of-the box state. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r3 | Unix | |
| VCEM-67-000017 - ESX Agent Manager directory tree must have permissions in an 'out-of-the box' state - out-of-the box state. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r1 | Unix | |
| VCFL-67-000019 - vSphere Client directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | DISA STIG VMware vSphere 6.7 Virgo Client v1r1 | Unix | |
| VCLD-67-000026 - VAMI must restrict access to the web root. | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-67-000016 - Performance Charts directory tree must have permissions in an 'out-of-the box' state - out-of-the box state. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r1 | Unix | |
| VCPF-67-000016 - Performance Charts directory tree must have permissions in an 'out-of-the box' state - out-of-the box state. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r2 | Unix | |
| VCSA-70-000095 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere 7.0 vCenter v1r2 | VMware | |
| VCST-67-000017 - The Security Token Service directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r1 | Unix | |
| VCST-67-000017 - The Security Token Service directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | DISA STIG VMware vSphere 6.7 STS Tomcat v1r2 | Unix | |
| VCTR-67-000005 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-67-000016 - vSphere UI directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r2 | Unix | |
| VCUI-67-000016 - vSphere UI directory tree must have permissions in an 'out-of-the-box' state - out-of-the-box state. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r1 | Unix | |
| WBSP-AS-001390 - The WebSphere Application Servers must not be in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001390 - The WebSphere Application Servers must not be in the DMZ. | DISA IBM WebSphere Traditional 9 Windows STIG v1r1 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBSP-AS-001390 - The WebSphere Application Servers must not be in the DMZ. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
