Detections
Analytics

CCI|CCI-001312

Title

Generates error messages that provide information necessary for corrective actions without revealing information that could be exploited.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
APPL-14-002021 - The macOS system must disable sending diagnostic and usage data to Apple.UnixDISA Apple macOS 14 (Sonoma) STIG v2r2
APPL-15-002021 - The macOS system must disable sending diagnostic and usage data to Apple.UnixDISA Apple macOS 15 (Sequoia) STIG v1r1
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.UnixDISA STIG Apache Server 2.4 Unix Site v2r4
AS24-U2-000640 - Debugging and trace information used to diagnose the Apache web server must be disabled.UnixDISA STIG Apache Server 2.4 Unix Site v2r4 Middleware
AS24-W1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled.WindowsDISA STIG Apache Server 2.4 Windows Server v2r3
AS24-W1-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled.WindowsDISA STIG Apache Server 2.4 Windows Server v3r1
AS24-W2-000610 - The Apache web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000630 - Debugging and trace information used to diagnose the Apache web server must be disabled.WindowsDISA STIG Apache Server 2.4 Windows Site v2r1
Big Sur - Generate Error Messages without Exploitable InformationUnixNIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Generate Error Messages without Exploitable InformationUnixNIST macOS Catalina v1.5.0 - All Profiles
DB2X-00-006200 - DB2 must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.IBM_DB2DBDISA STIG IBM DB2 v10.5 LUW v2r1 Database
DTBI1135-IE11 - Internet Explorer Development Tools Must Be Disabled.WindowsDISA STIG IE 11 v2r5
EP11-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.PostgreSQLDBEDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-006500 - The EDB Postgres Advanced Server must provide nonprivileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
IIST-SI-000234 - Debugging and trace information used to diagnose the IIS 10.0 website must be disabled.WindowsDISA IIS 10.0 Site v2r10
IIST-SV-000139 - The IIS 10.0 web server Indexing must only index web content.WindowsDISA IIS 10.0 Server v3r2
IIST-SV-000139 - The IIS 10.0 web server Indexing must only index web content.WindowsDISA IIS 10.0 Server v2r10
IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information.WindowsDISA IIS 10.0 Server v3r2
IIST-SV-000210 - HTTPAPI Server version must be removed from the HTTP Response Header information.WindowsDISA IIS 10.0 Server v2r10
IISW-SI-000234 - Debugging and trace information used to diagnose the IIS 8.5 website must be disabled.WindowsDISA IIS 8.5 Site v2r9
IISW-SV-000139 - The IIS 8.5 web server Indexing must only index web content.WindowsDISA IIS 8.5 Server v2r7
MD3X-00-000520 - MongoDB must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.UnixDISA STIG MongoDB Enterprise Advanced 3.x v2r3 OS
Monterey - Generate Error Messages without Exploitable InformationUnixNIST macOS Monterey v1.0.0 - All Profiles
PHTN-40-000073 The Photon operating system /var/log directory must be restricted.UnixDISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1
PPS9-00-006500 - The EDB Postgres Advanced Server must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.PostgreSQLDBEDB PostgreSQL Advanced Server DB Audit v2r3
SQL4-00-022800 - The DBMS and associated applications must provide non-privileged users with error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries.MS_SQLDBDISA STIG SQL Server 2014 Database Audit v1r7
UBTU-22-232140 - Ubuntu 22.04 LTS must be configured so that the 'journalctl' command is not accessible by unauthorized users.UnixDISA STIG Canonical Ubuntu 22.04 LTS v2r2
VCEM-67-000022 - ESX Agent Manager must set the welcome-file node to a default web page.UnixDISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-67-000023 - ESX Agent Manager must not show directory listings.UnixDISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-67-000024 - ESX Agent Manager must be configured to show error pages with minimal information.UnixDISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-67-000025 - ESX Agent Manager must not enable support for TRACE requests.UnixDISA STIG VMware vSphere 6.7 EAM Tomcat v1r4
VCEM-70-000026 - ESX Agent Manager must hide the server version.UnixDISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCEM-70-000027 - ESX Agent Manager must not enable support for TRACE requests.UnixDISA STIG VMware vSphere 7.0 EAM Tomcat v1r2
VCFL-67-000024 - vSphere Client must be configured to show error pages with minimal information.UnixDISA STIG VMware vSphere 6.7 Virgo Client v1r2
VCFL-67-000025 - vSphere Client must not enable support for TRACE requests.UnixDISA STIG VMware vSphere 6.7 Virgo Client v1r2
VCLD-67-000029 - VAMI must disable directory browsing.UnixDISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCLD-67-000030 - VAMI must not be configured to use 'mod_status' - mod_status.UnixDISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCLD-67-000031 - VAMI must have debug logging disabled.UnixDISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3
VCLD-70-000020 - VAMI must disable directory browsing.UnixDISA STIG VMware vSphere 7.0 VAMI v1r2
VCLD-70-000022 - VAMI must have debug logging disabled.UnixDISA STIG VMware vSphere 7.0 VAMI v1r2
VCLD-70-000027 - VAMI must be configured to hide the server type and version in client responses - DoS attacks.UnixDISA STIG VMware vSphere 7.0 VAMI v1r2
VCLD-80-000062 The vCenter VAMI service must disable directory listing.UnixDISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1
VCLD-80-000064 The vCenter VAMI service must have debug logging disabled.UnixDISA VMware vSphere 8.0 vCenter Appliance Management Interface (VAMI) STIG v2r1
VCLU-70-000023 - Lookup Service must be configured to hide the server version.UnixDISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCLU-70-000025 - Lookup Service must not enable support for TRACE requests.UnixDISA STIG VMware vSphere 7.0 Lookup Service v1r2
VCPF-67-000024 - Performance Charts must not enable support for TRACE requests.UnixDISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3
VCPF-70-000026 - Performance Charts must hide the server versionUnixDISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCPF-70-000027 - Performance Charts must not enable support for TRACE requestsUnixDISA STIG VMware vSphere 7.0 Perfcharts Tomcat v1r1
VCPG-67-000019 - VMware Postgres must provide non-privileged users with minimal error information.UnixDISA STIG VMware vSphere 6.7 PostgreSQL v1r2
VCPG-70-000016 - VMware Postgres must provide nonprivileged users with minimal error information.UnixDISA STIG VMware vSphere 7.0 PostgreSQL v1r2