Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
Tenable OT Security Families
Tenable Cloud Security Families
Tenable Self-Hosted Container Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Release Notes
Analytics
CVEs
Overview
Newest
Updated
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002233
CCI
CCI|CCI-002233
Title
Prevent the organization-defined software from executing at higher privilege levels than users executing the software.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2024
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
1.10 PHTN-40-000019
Unix
CIS VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v1.0.0 CAT II
1.19 SQLD-22-002900
MS_SQLDB
CIS Microsoft SQL Server 2022 Database STIG v1.0.0 CAT II
1.43 ALMA-09-007280
Unix
CIS Cloud Linux AlmaLinux OS 9 STIG v1.0.0 CAT II
1.44 SQLI-22-010500
MS_SQLDB
CIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.46 UBTU-24-200580
Unix
CIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.48 SLES-15-010390
Unix
CIS SUSE Linux Enterprise Server 15 STIG v1.0.0 CAT II
1.59 MADB-10-006900
MySQLDB
CIS MariaDB Enterprise 10.x STIG v1.1.0 CAT II MySQLDB
1.64 SQLI-22-016400
MS_SQLDB
CIS Microsoft SQL Server 2022 Instance STIG v1.0.0 CAT II MS_SQLDB
1.93 AZLX-23-002110
Unix
CIS Amazon Linux 2023 STIG v1.0.0 CAT II
1.135 OL09-00-000715
Unix
CIS Oracle Linux 9 STIG v1.0.0 CAT II
1.177 UBTU-22-654230
Unix
CIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.185 RHEL-10-500300
Unix
CIS Red Hat Enterprise Linux 10 STIG v1.0.0 CAT II
1.205 OL08-00-030000
Unix
CIS Oracle Linux 8 STIG v1.0.0 CAT II
1.392 RHEL-09-654010
Unix
CIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 15 STIG v1r4
AIOS-15-009700 - Apple iOS/iPadOS 15 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 15 STIG v1r4
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
AirWatch - DISA Apple iOS-iPadOS 16 STIG v2r2
AIOS-16-009700 - Apple iOS/iPadOS 16 must not allow non-DoD applications to access DoD data.
MDM
MobileIron - DISA Apple iOS-iPadOS 16 STIG v2r2
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r2
AIOS-16-709700 - Apple iOS/iPadOS 16 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 16 v1r2
AIOS-16-714900 - Apple iOS/iPadOS 16 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 16 BYOAD v1r2
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 17 v2r2
AIOS-17-009700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 v2r2
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2
AIOS-17-709700 - Apple iOS/iPadOS 17 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS BYOAD 17 v1r2
AIOS-17-714900 - Apple iOS/iPadOS 17 must not allow DOD applications to access non-DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 17 BYOAD v1r2
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 18 v2r3
AIOS-18-009700 - Apple iOS/iPadOS 18 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 18 v2r3
AIOS-26-009700 - Apple iOS/iPadOS 26 must not allow non-DOD applications to access DOD data.
MDM
MobileIron - DISA Apple iOS/iPadOS 26 v1r3
AIOS-26-009700 - Apple iOS/iPadOS 26 must not allow non-DOD applications to access DOD data.
MDM
AirWatch - DISA Apple iOS/iPadOS 26 v1r3
AIX7-00-001138 - NFS file systems on AIX must be mounted with the nosuid option unless the NFS file systems contain approved setuid or setgid programs.
Unix
DISA IBM AIX 7.x STIG v3r2
ALMA-09-007280 - AlmaLinux OS 9 must audit uses of the "execve" system call.
Unix
DISA Cloud Linux AlmaLinux OS 9 STIG v1r6
AZLX-23-002110 - Amazon Linux 2023 must audit uses of the "execve" system call.
Unix
DISA Amazon Linux 2023 STIG v1r3
Big Sur - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Big Sur v1.4.0 - All Profiles
Catalina - Prevent Software From Executing at Higher Privilege Levels than Users Executing The Software
Unix
NIST macOS Catalina v1.5.0 - All Profiles
CD12-00-003600 - Execution of software modules (to include functions and trigger procedures) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
DISA STIG Crunchy Data PostgreSQL DB v3r1
CD16-00-006900 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
DISA Crunchy Data Postgres 16 STIG v1r2 PostgreSQLDB
CNTR-R2-001130 - Rancher RKE2 must prevent nonprivileged users from executing privileged functions to include disabling, circumventing, or altering implemented security safeguards/countermeasures.
Unix
DISA Rancher Government Solutions RKE2 STIG v2r6
DKER-EE-001170 - A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - repositoryAccess
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix DTR v2r2
DKER-EE-001180 - A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set - team member access
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2
DKER-EE-003200 - Docker Enterprise images must be built with the USER instruction to prevent containers from running as root.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r2
EP11-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EP11-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r4
EPAS-00-007500 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EnterpriseDB PostgreSQL Advanced Server DB v2r1
EPAS-00-007510 - Execution of software modules (to include stored procedures, functions, and triggers) with elevated privileges must be restricted to necessary cases only.
PostgreSQLDB
EnterpriseDB PostgreSQL Advanced Server DB v2r1
GEN000520 - The root user must not own the logon session for an application requiring a continuous display.
Unix
DISA STIG Solaris 10 SPARC v2r4
GEN000520 - The root user must not own the logon session for an application requiring a continuous display.
Unix
DISA STIG Solaris 10 X86 v2r4