| ADBP-XI-005000 - An unsupported Adobe Acrobat Pro version must not be installed. | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | SYSTEM AND INFORMATION INTEGRITY |
| APPL-15-002062 - The macOS system must disable Bluetooth when no approved device is connected. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| CNTR-K8-000330 - The Kubernetes Kubelet must have the 'readOnlyPort' flag disabled - readOnlyPort flag disabled. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| CNTR-K8-000370 - The Kubernetes Kubelet must have anonymous authentication disabled. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| CNTR-K8-000440 - The Kubernetes kubelet staticPodPath must not enable static pods. | DISA STIG Kubernetes v2r2 | Unix | ACCESS CONTROL |
| CNTR-R2-000120 The Kubernetes API server must have the insecure port flag disabled. | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | ACCESS CONTROL |
| CNTR-R2-000130 The Kubernetes Kubelet must have the read-only port flag disabled. | DISA Rancher Government Solutions RKE2 STIG v2r2 | Unix | ACCESS CONTROL |
| DTAVSEL-003 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x must be configured to enable On-Access scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| ESXI-70-000060 - All port groups on standard switches must be configured to reject guest Media Access Control (MAC) address changes. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000072 - The ESXi host must have all security patches and updates installed. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| EX19-ED-000234 - Exchange must provide redundancy. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX19-ED-000236 - Exchange internal Send connectors must require encryption. | DISA Microsoft Exchange 2019 Edge Server STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| JUEX-NM-000340 - The Juniper EX switch must be configured to use FIPS 140-2/140-3 validated algorithms for authentication to a cryptographic module. | DISA Juniper EX Series Network Device Management v2r2 | Juniper | IDENTIFICATION AND AUTHENTICATION |
| MD4X-00-001700 - MongoDB must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA STIG MongoDB Enterprise Advanced 4.x v1r4 DB | MongoDB | ACCESS CONTROL |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010800 - Motorola Android Pie devices must have the latest available Motorola Android Pie operating system installed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-010900 - Motorola Android Pie devices must have a NIAP-validated Motorola Android Pie operating system installed. | MobileIron - DISA Motorola Android Pie.x COBO v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTO-09-999999 - All Motorola Android 9 installations must be removed. | AirWatch - DISA Motorola Android Pie.x COPE v1r2 | MDM | CONFIGURATION MANAGEMENT |
| MOTS-11-999999 - All Motorola Solutions Android 11 installations must be removed. | MobileIron - DISA Motorola Solutions Android 11 COBO v1r3 | MDM | CONFIGURATION MANAGEMENT |
| MYS8-00-005400 - The MySQL Database Server 8.0 must enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | ACCESS CONTROL |
| MYS8-00-007200 - The MySQL Database Server 8.0 must protect the confidentiality and integrity of all information at rest. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| MYS8-00-011700 - The MySQL Database Server 8.0 must implement NIST FIPS 140-2 or 140-3 validated cryptographic modules to generate and validate cryptographic hashes. | DISA Oracle MySQL 8.0 v2r2 DB | MySQLDB | SYSTEM AND COMMUNICATIONS PROTECTION |
| OL08-00-010000 - OL 8 must be a vendor-supported release. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-010140 - OL 8 operating systems booted with United Extensible Firmware Interface (UEFI) must require authentication upon booting into single-user mode and maintenance. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL |
| OL08-00-040000 - OL 8 must not have the telnet-server package installed. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| OL08-00-040170 - The x86 Ctrl-Alt-Delete key sequence must be disabled on OL 8. | DISA Oracle Linux 8 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-30-000031 - The Photon operating system must require authentication upon booting into single-user and maintenance modes. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | ACCESS CONTROL |
| PHTN-40-000182 The Photon operating system must implement NIST FIPS-validated cryptography for the following: to provision digital signatures, to generate cryptographic hashes, and to protect unclassified information requiring confidentiality and cryptographic protection in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, and standards. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| Restricting access to the Configuration utility by source IP address | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| RHEL-08-010121 - The RHEL 8 operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-010150 - RHEL 8 operating systems booted with a BIOS must require authentication upon booting into single-user and maintenance modes. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | ACCESS CONTROL |
| RHEL-08-020330 - RHEL 8 must not allow accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-08-040000 - RHEL 8 must not have the telnet-server package installed. | DISA Red Hat Enterprise Linux 8 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-215060 - RHEL 9 must not have a Trivial File Transfer Protocol (TFTP) server package installed. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-09-255050 - RHEL 9 must enable the Pluggable Authentication Module (PAM) interface for SSHD. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | MAINTENANCE |
| SLES-15-040060 - The SUSE operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA SLES 15 STIG v2r2 | Unix | CONFIGURATION MANAGEMENT |
| Specifying allowable IP ranges for SSH access | Tenable F5 BIG-IP Best Practice Audit | F5 | SYSTEM AND COMMUNICATIONS PROTECTION |
| UBTU-22-255040 - Ubuntu 22.04 LTS must be configured so that remote X connections are disabled, unless to fulfill documented and validated mission requirements. | DISA Canonical Ubuntu 22.04 LTS STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-22-271030 - Ubuntu 22.04 LTS must disable the x86 Ctrl-Alt-Delete key sequence if a graphical user interface is installed. | DISA Canonical Ubuntu 22.04 LTS STIG v2r3 | Unix | CONFIGURATION MANAGEMENT |
| VCLD-67-000034 - VAMI must implement TLS1.2 exclusively - tlsv12 | DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCLD-70-000056 - VAMI must enable FIPS mode. | DISA STIG VMware vSphere 7.0 VAMI v1r2 | Unix | IDENTIFICATION AND AUTHENTICATION |
| WBSP-AS-000212 - The WebSphere Application Server Java 2 security must not be bypassed. | DISA IBM WebSphere Traditional 9 STIG v1r1 | Unix | ACCESS CONTROL |
| WINCC-000001 - The Windows Installer Always install with elevated privileges must be disabled. | DISA Windows Vista STIG v6r41 | Windows | CONFIGURATION MANAGEMENT |
| WINRG-000001 - Standard user accounts must only have Read permissions to the Active Setup\Installed Components registry key. | DISA Windows Vista STIG v6r41 | Windows | ACCESS CONTROL |
| WN11-00-000100 - Internet Information System (IIS) or its subcomponents must not be installed on a workstation. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-00-000240 - Administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email. | DISA Windows 11 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN11-SO-000150 - Anonymous enumeration of shares must be restricted. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN11-SO-000165 - Anonymous access to Named Pipes and Shares must be restricted. | DISA Windows 11 STIG v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| WN22-SO-000210 - Windows Server 2022 must not allow anonymous SID/Name translation. | DISA Windows Server 2022 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| WN22-SO-000220 - Windows Server 2022 must not allow anonymous enumeration of Security Account Manager (SAM) accounts. | DISA Windows Server 2022 STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
