| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | |
| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware | Unix | |
| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r6 Middleware | Unix | |
| AS24-U1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Unix Server v2r6 | Unix | |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware | Unix | |
| AS24-U1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Unix Server v2r3 | Unix | |
| AS24-W1-000430 - Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Apache Server 2.4 Windows Server v2r1 | Windows | |
| AS24-W1-000450 - The Apache web server must separate the hosted applications from hosted Apache web server management functionality. | DISA STIG Apache Server 2.4 Windows Server v2r1 | Windows | |
| EP11-00-005100 - The EDB Postgres Advanced Server must separate user functionality (including user interface services) from database management functionality. | EDB PostgreSQL Advanced Server v11 DB Audit v2r2 | PostgreSQLDB | |
| EX16-MB-000200 - Exchange Mailbox databases must reside on a dedicated partition. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r4 | Windows | |
| IIST-SI-000221 - Anonymous IIS 10.0 website access accounts must be restricted - Anonymous username | DISA IIS 10.0 Site v2r5 | Windows | |
| IIST-SI-000221 - Anonymous IIS 10.0 website access accounts must be restricted - Local System Groups | DISA IIS 10.0 Site v2r5 | Windows | |
| IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 10.0 Server v2r5 | Windows | |
| IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 10.0 Server v2r8 | Windows | |
| IIST-SV-000131 - IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 10.0 Server v2r9 | Windows | |
| IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 10.0 Server v2r5 | Windows | |
| IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 10.0 Server v2r8 | Windows | |
| IIST-SV-000132 - The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 10.0 Server v2r9 | Windows | |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted | DISA IIS 8.5 Site v2r8 | Windows | |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted - Anonymous username | DISA IIS 8.5 Site v2r7 | Windows | |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted - Anonymous username | DISA IIS 8.5 Site v2r5 | Windows | |
| IISW-SI-000221 - Anonymous IIS 8.5 website access accounts must be restricted - Local System Groups | DISA IIS 8.5 Site v2r7 | Windows | |
| IISW-SV-000131 - IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 8.5 Server v2r1 | Windows | |
| IISW-SV-000131 - IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 8.5 Server v2r5 | Windows | |
| IISW-SV-000131 - IIS 8.5 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA IIS 8.5 Server v2r6 | Windows | |
| IISW-SV-000132 - The IIS 8.5 web server must separate the hosted applications from hosted web server management functionality. | DISA IIS 8.5 Server v2r6 | Windows | |
| JBOS-AS-000355 - The JBoss server must separate hosted application functionality from application server management functionality. | DISA RedHat JBoss EAP 6.3 STIG v2r3 | Unix | |
| O112-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality. | DISA STIG Oracle 11.2g v2r3 Database | OracleDB | |
| O121-P2-017300 - The DBMS must separate user functionality (including user interface services) from database management functionality. | DISA STIG Oracle 12c v2r6 Database | OracleDB | |
| OH12-1X-000266 - OHS accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts. | DISA STIG Oracle HTTP Server 12.1.3 v2r1 | Unix | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r3 | Unix | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r3 Middleware | Unix | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r6 | Unix | |
| TCAT-AS-000780 - Access to JMX management interface must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r4 | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r6 Middleware | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r2 | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r2 Middleware | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r5 Middleware | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r3 | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r5 | Unix | |
| TCAT-AS-000790 - Access to Tomcat manager application must be restricted. | DISA STIG Apache Tomcat Application Server 9 v2r6 | Unix | |
| VCWN-06-000005 - The vCenter Server users must have the correct roles assigned. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| WBLC-08-000222 - Oracle WebLogic must separate hosted application functionality from Oracle WebLogic management functionality. | Oracle WebLogic Server 12c v1r6 | Windows | |
| WBLC-08-000222 - Oracle WebLogic must separate hosted application functionality from Oracle WebLogic management functionality. | Oracle WebLogic Server 12c v1r6 | Unix | |
| WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Roles | DISA Windows Server 2012 and 2012 R2 DC STIG v3r5 | Windows | |
| WN12-AD-000009-DC - The directory server supporting (directly or indirectly) system access or resource authorization must run on a machine dedicated to that function - Services | DISA Windows Server 2012 and 2012 R2 DC STIG v3r4 | Windows | |
| WPAW-00-001300 - A Windows PAW used to manage domain controllers and directory services must not be used to manage any other type of high-value IT resource. | DISA MS Windows Privileged Access Workstation v1r2 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| WPAW-00-001500 - In a Windows PAW, administrator accounts used for maintaining the PAW must be separate from administrative accounts used to manage high-value IT resources. | DISA MS Windows Privileged Access Workstation v2r2 | Windows | |
| WPAW-00-001500 - In a Windows PAW, administrator accounts used for maintaining the PAW must be separate from administrative accounts used to manage high-value IT resources. | DISA MS Windows Privileged Access Workstation v1r2 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| WPAW-00-001500 - In a Windows PAW, administrator accounts used for maintaining the PAW must be separate from administrative accounts used to manage high-value IT resources. | DISA MS Windows Privileged Access Workstation v1r3 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
