Item Search

NameAudit NamePluginCategory
DB2X-00-005900 - DB2 must check the validity of all data inputs except those specifically identified by the organization.DISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND INFORMATION INTEGRITY

DB2X-00-006000 - DB2 and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND INFORMATION INTEGRITY

DB2X-00-006100 - DB2 and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.DISA STIG IBM DB2 v10.5 LUW v2r1 DatabaseIBM_DB2DB

SYSTEM AND INFORMATION INTEGRITY

EP11-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

EP11-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

EP11-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.EDB PostgreSQL Advanced Server v11 DB Audit v2r4PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

F5BI-AS-000261 - The BIG-IP ASM module must check the validity of all data inputs except those specifically identified by the organization.DISA F5 BIG-IP Application Security Manager STIG v2r1F5

SYSTEM AND INFORMATION INTEGRITY

F5BI-LT-000261 - The BIG-IP Core implementation must be configured to check the validity of all data inputs except those specifically identified by the organization.DISA F5 BIG-IP Local Traffic Manager STIG v2r3F5

SYSTEM AND INFORMATION INTEGRITY

IIST-SI-000231 - Directory Browsing on the IIS 10.0 website must be disabled.DISA IIS 10.0 Site v2r9Windows

SYSTEM AND INFORMATION INTEGRITY

IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.DISA IIS 10.0 Server v2r10Windows

SYSTEM AND INFORMATION INTEGRITY

IIST-SV-000138 - Directory Browsing on the IIS 10.0 web server must be disabled.DISA IIS 10.0 Server v3r1Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SI-000231 - Directory Browsing on the IIS 8.5 website must be disabled.DISA IIS 8.5 Site v2r9Windows

SYSTEM AND INFORMATION INTEGRITY

IISW-SV-000138 - Directory Browsing on the IIS 8.5 web server must be disabled.DISA IIS 8.5 Server v2r7Windows

SYSTEM AND INFORMATION INTEGRITY

MD3X-00-000490 - MongoDB must check the validity of all data inputs except those specifically identified by the organization.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

SYSTEM AND INFORMATION INTEGRITY

MD3X-00-000500 - MongoDB and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OSUnix

SYSTEM AND INFORMATION INTEGRITY

O112-C2-019500 - The DBMS must check the validity of data inputs.DISA STIG Oracle 11.2g v2r5 DatabaseOracleDB

SYSTEM AND INFORMATION INTEGRITY

O121-C2-019500 - The DBMS must check the validity of data inputs.DISA STIG Oracle 12c v3r1 DatabaseOracleDB

SYSTEM AND INFORMATION INTEGRITY

PGS9-00-001800 - PostgreSQL must check the validity of all data inputs except those specifically identified by the organization.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

PGS9-00-001900 - PostgreSQL and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

PGS9-00-002000 - PostgreSQL and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.DISA STIG PostgreSQL 9.x on RHEL DB v2r5PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

PPS9-00-006200 - The EDB Postgres Advanced Server must check the validity of all data inputs except those specifically identified by the organization.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

PPS9-00-006300 - The EDB Postgres Advanced Server and associated applications must reserve the use of dynamic code execution for situations that require it.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

PPS9-00-006400 - The EDB Postgres Advanced Server and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.EDB PostgreSQL Advanced Server DB Audit v2r3PostgreSQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL4-00-022500 - SQL Server must check the validity of all data inputs except those specifically identified by the organization.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL4-00-031500 - The DBMS and associated applications must reserve the use of dynamic code execution for situations that require it.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL4-00-031600 - The DBMS and associated applications, when making use of dynamic code execution, must scan input data for invalid values that may indicate a code injection attack.DISA STIG SQL Server 2014 Database Audit v1r7MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

SQL6-D0-002100 - SQL Server must check the validity of all data inputs except those specifically identified by the organization.DISA STIG SQL Server 2016 Database Audit v3r1MS_SQLDB

SYSTEM AND INFORMATION INTEGRITY

VCLD-70-000019 - VAMI must set the encoding for all text Multipurpose Internet Mail Extensions (MIME) types to UTF-8 - erbDISA STIG VMware vSphere 7.0 VAMI v1r2Unix

SYSTEM AND INFORMATION INTEGRITY

WDNS-SI-000001 - The Windows 2012 DNS Server must be configured to only allow zone information that reflects the environment for which it is authoritative, to include IP ranges and IP versions.DISA Microsoft Windows 2012 Server DNS STIG v2r7Windows

SYSTEM AND INFORMATION INTEGRITY