| STIG ID | Version | Title | Product |
|---|---|---|---|
| SRG-APP-000266-API-000535 | V1R1 | The API must not disclose sensitive data in error messages. | Security Requirements Guide - API |
| SRG-APP-000266-CTR-000625 | V2R4 | The container platform must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | Security Requirements Guide - Container Platform |
| SRG-APP-000266-MFP-000334 | V3R4 | The Mainframe Product must generate error messages that provide information necessary for corrective actions without revealing information that could be exploited by adversaries. | Security Requirements Guide - Mainframe Product |
| SRG-APP-000266-WSR-000142 | V4R4 | The web server must display a default hosted application web page, not a directory listing, when a requested web page cannot be found. | Security Requirements Guide - Web Server |
| SRG-APP-000266-WSR-000159 | V4R4 | Warning and error messages displayed to clients must be modified to minimize the identity of the web server, patches, loaded modules, and directory paths. | Security Requirements Guide - Web Server |
| SRG-APP-000266-WSR-000160 | V4R4 | Debugging and trace information used to diagnose the web server must be disabled. | Security Requirements Guide - Web Server |