CCI|CCI-000206

Title

Obscure feedback of authentication information during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.

Reference Item Details

Reference: CCI - DISA Control Correlation Identifier

Category: 2024

Audit Items

View all Reference Audit Items

Name	Plugin	Audit Name
APPL-14-003012 - The macOS system must disable password hints.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-14-003014 - The macOS system must remove password hints from user accounts.	Unix	DISA Apple macOS 14 (Sonoma) STIG v2r1
APPL-15-003012 - The macOS system must disable password hints.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-003014 - The macOS system must remove password hints from user accounts.	Unix	DISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Obscure Passwords	Unix	NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-171
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Obscure Passwords	Unix	NIST macOS Catalina v1.5.0 - 800-53r4 High
DB2X-00-004510 - Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	IBM_DB2DB	DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password.	IBM_DB2DB	DISA STIG IBM DB2 v10.5 LUW v2r1 Database
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	PostgreSQLDB	EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.	PostgreSQLDB	EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password.	PostgreSQLDB	EnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	PostgreSQLDB	EnterpriseDB PostgreSQL Advanced Server DB v2r1
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	F5	DISA F5 BIG-IP Device Management STIG v2r3
MADB-10-004300 - MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	MySQLDB	DISA MariaDB Enterprise 10.x v2r1 DB
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	Unix	DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	Unix	DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-171
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Obscure Passwords	Unix	NIST macOS Monterey v1.0.0 - 800-53r4 High
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	MySQLDB	DISA Oracle MySQL 8.0 v2r1 DB
O112-N1-015601 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	OracleDB	DISA STIG Oracle 11.2g v2r5 Database
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.	Unix	DISA STIG Oracle 11.2g v2r5 Linux
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.	Windows	DISA STIG Oracle 11.2g v2r5 Windows
PPS9-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	PostgreSQLDB	EDB PostgreSQL Advanced Server DB Audit v2r3
PPS9-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.	PostgreSQLDB	EDB PostgreSQL Advanced Server DB Audit v2r3
SQL4-00-039010 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.	MS_SQLDB	DISA STIG SQL Server 2014 Instance DB Audit v2r4
SQL4-00-039020 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.	MS_SQLDB	DISA STIG SQL Server 2014 Instance DB Audit v2r4
SQL6-D0-018100 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.	MS_SQLDB	DISA STIG SQL Server 2016 Instance DB Audit v3r1

Detections

Analytics

CCI|CCI-000206

Title

Reference Item Details

Audit Items