| AIX7-00-001004 - AIX must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA STIG AIX 7.x v2r1 | Unix | ACCESS CONTROL |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - KeepAlive | DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - KeepAlive | DISA STIG Apache Server 2.4 Unix Server v2r5 | Unix | ACCESS CONTROL |
| AS24-U1-000010 - The Apache web server must limit the number of allowed simultaneous session requests - MaxKeepAliveRequests | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Unix Server v2r3 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
| AS24-U1-000020 - The Apache web server must perform server-side session management. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | ACCESS CONTROL |
| AS24-U2-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Unix Site v2r1 Middleware | Unix | ACCESS CONTROL |
| AS24-U2-000020 - The Apache web server must perform server-side session management. | DISA STIG Apache Server 2.4 Unix Site v2r4 | Unix | ACCESS CONTROL |
| AS24-U2-000020 - The Apache web server must perform server-side session management. | DISA STIG Apache Server 2.4 Unix Site v2r4 Middleware | Unix | ACCESS CONTROL |
| AS24-W1-000010 - The Apache web server must limit the number of allowed simultaneous session requests. | DISA STIG Apache Server 2.4 Windows Server v2r1 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - session_module | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL |
| AS24-W1-000020 - The Apache web server must perform server-side session management - usertrack_module | DISA STIG Apache Server 2.4 Windows Server v2r1 | Windows | ACCESS CONTROL |
| AS24-W2-000010 - The Apache web server must limit the number of allowed simultaneous session requests. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max-connections | DISA STIG Cisco IOS XE Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000010 - The Cisco router must be configured to limit the number of concurrent management sessions to an organization-defined number - ip http max-connections | DISA STIG Cisco IOS Router NDM v2r2 | Cisco | SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number - session-limit | DISA STIG Cisco IOS XE Switch NDM v2r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco NX-OS Switch NDM v2r8 | Cisco | |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco IOS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000010 - The Cisco switch must be configured to limit the number of concurrent management sessions to an organization-defined number. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| F5BI-DM-000003 - The BIG-IP appliance must limit the number of concurrent sessions to the Configuration Utility to 10 or an organization-defined number - 1 for each administrator account and/or administrator account type. | DISA F5 BIG-IP Device Management 11.x STIG v2r2 | F5 | |
| F5BI-LT-000029 - The BIG-IP Core implementation must be configured to limit the number of concurrent sessions to an organization-defined number for virtual servers - Connection Limit | DISA F5 BIG-IP Local Traffic Manager 11.x STIG v2r1 | F5 | ACCESS CONTROL |
| F5BI-LT-000029 - The BIG-IP Core implementation must be configured to limit the number of concurrent sessions to an organization-defined number for virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | ACCESS CONTROL |
| GEN000450 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL |
| IIST-SI-000202 - The IIS 10.0 website session state cookie settings must be configured to Use Cookies mode. | DISA IIS 10.0 Site v2r8 | Windows | |
| IIST-SV-000200 - The IIS 10.0 websites MaxConnections setting must be configured to limit the number of allowed simultaneous session requests. | DISA IIS 10.0 Server v2r10 | Windows | ACCESS CONTROL |
| IISW-SI-000201 - The IIS 8.5 website session state must be enabled. | DISA IIS 8.5 Site v2r5 | Windows | |
| IISW-SI-000201 - The IIS 8.5 website session state must be enabled. | DISA IIS 8.5 Site v2r8 | Windows | |
| IISW-SI-000202 - The IIS 8.5 website session state cookie settings must be configured to Use Cookies mode. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
| JUSX-DM-000001 - The Juniper SRX Services Gateway must limit the number of concurrent sessions to a maximum of 10 or less for remote access using SSH. | DISA Juniper SRX Services Gateway NDM v3r1 | Juniper | ACCESS CONTROL |
| O112-C2-000100 - The DBMS must limit the number of concurrent sessions for each system account to an organization-defined number of sessions. | DISA STIG Oracle 11.2g v2r4 Database | OracleDB | |
| OH12-1X-000002 - OHS must have the mpm_prefork_module directive disabled so as not conflict with the worker directive used to limit the number of allowed simultaneous requests. | DISA STIG Oracle HTTP Server 12.1.3 v2r2 | Unix | ACCESS CONTROL |
| OL6-00-000319 - The system must limit users to 10 simultaneous system logins, or a site-defined number, in accordance with operational requirements. | DISA STIG Oracle Linux 6 v1r17 | Unix | ACCESS CONTROL |
| PPS9-00-000100 - The EDB Postgres Advanced Server must limit the number of concurrent sessions to an organization-defined number per user for all accounts and/or account types. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | ACCESS CONTROL |
| SLES-12-010120 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SLES 12 STIG v2r11 | Unix | |
| SLES-15-020020 - The SUSE operating system must limit the number of concurrent sessions to 10 for all accounts and/or account types. | DISA SLES 15 STIG v1r1 | Unix | ACCESS CONTROL |
| SOL-11.1-040500 - The operating system must limit the number of concurrent sessions for each account to an organization-defined number of sessions. | DISA STIG Solaris 11 X86 v2r7 | Unix | |
| SOL-11.1-040500 - The operating system must limit the number of concurrent sessions for each account to an organization-defined number of sessions. | DISA STIG Solaris 11 SPARC v2r10 | Unix | |
| UBTU-16-010070 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA STIG Ubuntu 16.04 LTS v2r1 | Unix | ACCESS CONTROL |
| UBTU-18-010400 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA STIG Ubuntu 18.04 LTS v2r11 | Unix | |
| UBTU-18-010400 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA STIG Ubuntu 18.04 LTS v2r4 | Unix | ACCESS CONTROL |
| UBTU-18-010400 - The Ubuntu operating system must limit the number of concurrent sessions to ten for all accounts and/or account types. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | ACCESS CONTROL |
| VCEM-67-000004 - ESX Agent Manager must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 EAM Tomcat v1r4 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCFL-67-000001 - vSphere Client must limit the amount of time that each TCP connection is kept alive. | DISA STIG VMware vSphere 6.7 Virgo Client v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-67-000004 - Performance Charts must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-70-000004 - Performance Charts must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-67-000004 - vSphere UI must protect cookies from XSS. | DISA STIG VMware vSphere 6.7 UI Tomcat v1r3 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| VCUI-70-000004 - vSphere UI must protect cookies from cross-site scripting (XSS). | DISA STIG VMware vSphere 7.0 vCA UI v1r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
| WDNS-AC-000001 - The Windows 2012 DNS Server must restrict incoming dynamic update requests to known clients. | DISA Microsoft Windows 2012 Server DNS STIG v2r7 | Windows | ACCESS CONTROL |
