CCI|CCI-000206

Title

Obscure feedback of authentication information during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
APPL-14-003012 - The macOS system must disable password hints.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-003014 - The macOS system must remove password hints from user accounts.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-003012 - The macOS system must disable password hints.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-003014 - The macOS system must remove password hints from user accounts.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Obscure PasswordsUnixNIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - All Profiles
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-171
Catalina - Obscure PasswordsUnixNIST macOS Catalina v1.5.0 - 800-53r4 High
DB2X-00-004510 - Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.F5DISA F5 BIG-IP Device Management STIG v2r3
MADB-10-004300 - MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA MariaDB Enterprise 10.x v2r2 DB
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
MD7X-00-004300 MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.UnixDISA MongoDB Enterprise Advanced 7.x STIG v1r1
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - All Profiles
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-171
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Obscure PasswordsUnixNIST macOS Monterey v1.0.0 - 800-53r4 High
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MySQLDBDISA Oracle MySQL 8.0 v2r2 DB
O112-N1-015601 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.OracleDBDISA STIG Oracle 11.2g v2r5 Database
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.UnixDISA STIG Oracle 11.2g v2r5 Linux
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.WindowsDISA STIG Oracle 11.2g v2r5 Windows
PPS9-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.PostgreSQLDBEDB PostgreSQL Advanced Server DB Audit v2r3
PPS9-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.PostgreSQLDBEDB PostgreSQL Advanced Server DB Audit v2r3
SQL4-00-039010 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.MS_SQLDBDISA STIG SQL Server 2014 Instance DB Audit v2r4
SQL4-00-039020 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.MS_SQLDBDISA STIG SQL Server 2014 Instance DB Audit v2r4