Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-000206
CCI
CCI|CCI-000206
Title
Obscure feedback of authentication information during the authentication process to protect the information from possible exploitation and use by unauthorized individuals.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
APPL-14-003012 - The macOS system must disable password hints.
Unix
DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-14-003014 - The macOS system must remove password hints from user accounts.
Unix
DISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-003012 - The macOS system must disable password hints.
Unix
DISA Apple macOS 15 (Sequoia) STIG v1r1
APPL-15-003014 - The macOS system must remove password hints from user accounts.
Unix
DISA Apple macOS 15 (Sequoia) STIG v1r1
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-171
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 High
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Low
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - CNSSI 1253
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Low
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r4 Moderate
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 High
Big Sur - Obscure Passwords
Unix
NIST macOS Big Sur v1.4.0 - 800-53r5 Moderate
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Moderate
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Low
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - All Profiles
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 High
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 Moderate
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r5 Low
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - CNSSI 1253
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-171
Catalina - Obscure Passwords
Unix
NIST macOS Catalina v1.5.0 - 800-53r4 High
DB2X-00-004510 - Applications using the database must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
IBM_DB2DB
DISA STIG IBM DB2 v10.5 LUW v2r1 Database
DB2X-00-004520 - When using command-line tools such as db2, users must use a Connect method that does not expose the password.
IBM_DB2DB
DISA STIG IBM DB2 v10.5 LUW v2r1 Database
EP11-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-004800 - When using command-line tools such as psql, users must use a logon method that does not expose the password.
PostgreSQLDB
EnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
PostgreSQLDB
EnterpriseDB PostgreSQL Advanced Server DB v2r1
F5BI-DM-000133 - The BIG-IP appliance must be configured to obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
F5
DISA F5 BIG-IP Device Management STIG v2r3
MADB-10-004300 - MariaDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
MySQLDB
DISA MariaDB Enterprise 10.x v2r2 DB
MD3X-00-000800 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
MD4X-00-003300 - MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r4 OS
MD7X-00-004300 MongoDB must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
Unix
DISA MongoDB Enterprise Advanced 7.x STIG v1r1
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 High
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 Moderate
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 Low
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r5 Low
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - All Profiles
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-171
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 Moderate
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - CNSSI 1253
Monterey - Obscure Passwords
Unix
NIST macOS Monterey v1.0.0 - 800-53r4 High
MYS8-00-005300 - The MySQL Database Server 8.0 must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
MySQLDB
DISA Oracle MySQL 8.0 v2r2 DB
O112-N1-015601 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
OracleDB
DISA STIG Oracle 11.2g v2r5 Database
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.
Unix
DISA STIG Oracle 11.2g v2r5 Linux
O112-N1-015602 - When using command-line tools such as Oracle SQL*Plus, which can accept a plain-text password, users must use an alternative login method that does not expose the password.
Windows
DISA STIG Oracle 11.2g v2r5 Windows
PPS9-00-004810 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
PostgreSQLDB
EDB PostgreSQL Advanced Server DB Audit v2r3
PPS9-00-004820 - When using command-line tools such as psql, users must use a logon method that does not expose the password.
PostgreSQLDB
EDB PostgreSQL Advanced Server DB Audit v2r3
SQL4-00-039010 - Applications must obscure feedback of authentication information during the authentication process to protect the information from possible exploitation/use by unauthorized individuals.
MS_SQLDB
DISA STIG SQL Server 2014 Instance DB Audit v2r4
SQL4-00-039020 - When using command-line tools such as SQLCMD in a mixed-mode authentication environment, users must use a logon method that does not expose the password.
MS_SQLDB
DISA STIG SQL Server 2014 Instance DB Audit v2r4