Detections
Analytics

CCI|CCI-004895

Title

Permit users to invoke the trusted communications path for communications between the user and the organization-defined security functions, including at a minimum, authentication and re-authentication.

Reference Item Details

Category: 2024

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.64 UBTU-24-300021UnixCIS Ubuntu Linux 24.04 LTS STIG v1.0.0 CAT II
1.66 OL08-00-010380UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.67 OL08-00-010381UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.70 OL08-00-010384UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.71 OL08-00-010385UnixCIS Oracle Linux 8 STIG v1.0.0 CAT II
1.88 UBTU-22-432010UnixCIS Ubuntu Linux 22.04 LTS STIG v1.0.0 CAT II
1.134 APPL-14-004022UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.138 APPL-14-004060UnixCIS Apple macOS 14 (Sonoma) STIG v1.0.0 CAT II
1.305 RHEL-09-432015UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.307 RHEL-09-432025UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.309 RHEL-09-432035UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.326 RHEL-09-611085UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
1.337 RHEL-09-611145UnixCIS Red Hat Enterprise Linux 9 STIG v1.0.0 CAT II
AIX7-00-002061 - AIX must remove NOPASSWD tag from sudo config files.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002062 - AIX must remove !authenticate option from sudo config files.UnixDISA STIG AIX 7.x v3r1
AIX7-00-002108 - If GSSAPI authentication is not required on AIX, the SSH daemon must disable GSSAPI authentication.UnixDISA STIG AIX 7.x v3r1
APPL-14-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-14-004060 - The macOS system must configure sudoers timestamp type.UnixDISA Apple macOS 14 (Sonoma) STIG v2r3
APPL-15-004022 - The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command.UnixDISA Apple macOS 15 (Sequoia) STIG v1r4
APPL-15-004060 - The macOS system must configure sudoers timestamp type.UnixDISA Apple macOS 15 (Sequoia) STIG v1r4
CASA-VN-000350 - The Cisco ASA VPN gateway must be configured to renegotiate the IPsec Security Association after eight hours or less.CiscoDISA STIG Cisco ASA VPN v2r2
CASA-VN-000360 - The Cisco ASA VPN gateway must be configured to renegotiate the IKE security association after 24 hours or less.CiscoDISA STIG Cisco ASA VPN v2r2
CD12-00-010100 - PostgreSQL must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.PostgreSQLDBDISA STIG Crunchy Data PostgreSQL DB v3r1
EPAS-00-008800 - The EDB Postgres Advanced Server must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.PostgreSQLDBEnterpriseDB PostgreSQL Advanced Server DB v2r1
IBMW-LS-000720 - HTTP session timeout must be configured.UnixDISA IBM WebSphere Liberty Server STIG v2r2
MADB-10-008200 - MariaDB must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.MySQLDBDISA MariaDB Enterprise 10.x v2r3 DB
MYS8-00-010400 - The MySQL Database Server 8.0 must require users to reauthenticate when organization-defined circumstances or situations require reauthentication.MySQLDBDISA Oracle MySQL 8.0 v2r2 DB
OL07-00-010340 - The Oracle Linux operating system must be configured so that users must provide a password for privilege escalation.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-010343 - The Oracle Linux operating system must require re-authentication when using the 'sudo' command - sudo command.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-010344 - The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation.UnixDISA Oracle Linux 7 STIG v3r3
OL07-00-010350 - The Oracle Linux operating system must be configured so users must re-authenticate for privilege escalation.UnixDISA Oracle Linux 7 STIG v3r3
OL08-00-010380 - OL 8 must require users to provide a password for privilege escalation.UnixDISA Oracle Linux 8 STIG v2r5
OL08-00-010381 - OL 8 must require users to reauthenticate for privilege escalation and changing roles.UnixDISA Oracle Linux 8 STIG v2r5
OL08-00-010384 - OL 8 must require reauthentication when using the "sudo" command.UnixDISA Oracle Linux 8 STIG v2r5
OL08-00-010385 - The OL 8 operating system must not be configured to bypass password requirements for privilege escalation.UnixDISA Oracle Linux 8 STIG v2r5
PHTN-40-000133 The Photon operating system must require users to reauthenticate for privilege escalation.UnixDISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1
RHEL-08-010380 - RHEL 8 must require users to provide a password for privilege escalation.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-08-010381 - RHEL 8 must require users to reauthenticate for privilege escalation.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-08-010384 - RHEL 8 must require re-authentication when using the "sudo" command.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-08-010385 - The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation.UnixDISA Red Hat Enterprise Linux 8 STIG v2r4
RHEL-09-432015 - RHEL 9 must require reauthentication when using the "sudo" command.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-432025 - RHEL 9 must require users to reauthenticate for privilege escalation.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-432035 - RHEL 9 must restrict the use of the "su" command.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611085 - RHEL 9 must require users to provide a password for privilege escalation.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
RHEL-09-611145 - RHEL 9 must not be configured to bypass password requirements for privilege escalation.UnixDISA Red Hat Enterprise Linux 9 STIG v2r4
SLES-12-010110 - The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges.UnixDISA SLES 12 STIG v3r3
SLES-12-010113 - The SUSE operating system must require re-authentication when using the 'sudo' command - sudo command.UnixDISA SLES 12 STIG v3r3
SLES-12-010114 - The SUSE operating system must not be configured to bypass password requirements for privilege escalation.UnixDISA SLES 12 STIG v3r3
SLES-15-010450 - The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges.UnixDISA SUSE Linux Enterprise Server 15 STIG v2r5
SLES-15-020102 - The SUSE operating system must require reauthentication when using the "sudo" command.UnixDISA SUSE Linux Enterprise Server 15 STIG v2r5