| APPL-14-004001 The macOS system must configure Apple System Log files to be owned by root and group to wheel. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-14-004002 The macOS system must configure Apple System Log files to mode 640 or less permissive. | DISA Apple macOS 14 (Sonoma) STIG v2r3 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-004001 - The macOS system must configure Apple System Log (ASL) files owned by root and group to wheel. | DISA Apple macOS 15 (Sequoia) STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-004002 - The macOS system must configure Apple System Log (ASL) files to mode 640 or less permissive. | DISA Apple macOS 15 (Sequoia) STIG v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - LogLevel | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled - TraceEnable | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000620 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000620 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000630 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-U2-000630 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| AS24-W1-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| AS24-W2-000620 - Warning and error messages displayed to clients must be modified to minimize the identity of the Apache web server, patches, loaded modules, and directory paths. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| DB2X-00-006200 - DB2 must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | SYSTEM AND INFORMATION INTEGRITY |
| EP11-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SI-000233 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 10.0 website, patches, loaded modules, and directory paths. | DISA IIS 10.0 Site v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v3r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IIST-SV-000215 - ASP.NET version must be removed from the HTTP Response Header information. | DISA IIS 10.0 Server v2r10 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SI-000233 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 8.5 website, patches, loaded modules, and directory paths. | DISA IIS 8.5 Site v2r9 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| IISW-SV-000140 - Warning and error messages displayed to clients must be modified to minimize the identity of the IIS 8.5 web server, patches, loaded modules, and directory paths. | DISA IIS 8.5 Server v2r7 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| JUSX-AG-000132 - The Juniper SRX Services Gateway Firewall must configure ICMP to meet DoD requirements. | DISA Juniper SRX Services Gateway ALG v3r2 | Juniper | SYSTEM AND INFORMATION INTEGRITY |
| O112-C2-019900 - The DBMS must only generate error messages that provide information necessary for corrective actions without revealing organization-defined sensitive or potentially harmful information in error logs and administrative messages that could be exploited. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000346 - OHS must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000348 - OHS must have the ServerTokens directive set to limit the response header. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000349 - OHS must have the Alias /error directive defined to reference the directory accompanying the ErrorDocument directives to minimize the identity of OHS, patches, loaded modules, and directory paths in warning and error messages displayed to clients. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000350 - OHS must have the permissions set properly via the Directory directive accompanying the ErrorDocument directives to minimize improper access to the warning and error messages displayed to clients - Allow | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000350 - OHS must have the permissions set properly via the Directory directive accompanying the ErrorDocument directives to minimize improper access to the warning and error messages displayed to clients - AllowOverride | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000350 - OHS must have the permissions set properly via the Directory directive accompanying the ErrorDocument directives to minimize improper access to the warning and error messages displayed to clients - LimitExcept | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000350 - OHS must have the permissions set properly via the Directory directive accompanying the ErrorDocument directives to minimize improper access to the warning and error messages displayed to clients - LimitExcept > Deny | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 403 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 404 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 408 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 410 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 411 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 413 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 414 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 415 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 501 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 503 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000351 - OHS must have defined error pages for common error codes that minimize the identity of the web server, patches, loaded modules, and directory paths - ErrorDocument 506 | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| OH12-1X-000352 - OHS must have production information removed from error documents to minimize the identity of OHS, patches, loaded modules, and directory paths in warning and error messages displayed to clients. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| PANW-IP-000031 - The Palo Alto Networks security platform must block malicious ICMP packets. | DISA STIG Palo Alto IDPS v3r1 | Palo_Alto | SYSTEM AND INFORMATION INTEGRITY |
| PPS9-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | SYSTEM AND INFORMATION INTEGRITY |
| SQL4-00-022800 - The DBMS and associated applications must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG SQL Server 2014 Database Audit v1r7 | MS_SQLDB | SYSTEM AND INFORMATION INTEGRITY |
| TCAT-AS-000920 - ErrorReportValve showServerInfo must be set to false. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | SYSTEM AND INFORMATION INTEGRITY |
| UBTU-18-010121 - The Ubuntu operating system must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| VCPG-70-000016 - VMware Postgres must provide nonprivileged users with minimal error information. | DISA STIG VMware vSphere 7.0 PostgreSQL v1r2 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000252 - Oracle WebLogic must identify potentially security-relevant error conditions. | Oracle WebLogic Server 12c Linux v2r1 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| WBLC-09-000253 - Oracle WebLogic must only generate error messages that provide information necessary for corrective actions without revealing sensitive or potentially harmful information in error logs and administrative messages. | Oracle WebLogic Server 12c Windows v2r1 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| WN22-00-000030 - Windows Server 2022 administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. | DISA Microsoft Windows Server 2022 STIG v2r3 | Windows | CONFIGURATION MANAGEMENT, SYSTEM AND INFORMATION INTEGRITY |
