| RHEL-08-010170 |
V1R3 |
RHEL 8 must use a Linux Security Module configured to enforce limits on system services. |
|
| RHEL-08-010171 |
V1R3 |
RHEL 8 must have policycoreutils package installed. |
|
| RHEL-08-010421 |
V1R3 |
RHEL 8 must clear the page allocator to prevent use-after-free attacks. |
|
| RHEL-08-010422 |
V1R3 |
RHEL 8 must disable virtual syscalls. |
|
| RHEL-08-010423 |
V1R3 |
RHEL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks. |
|
| UBTU-20-010012 |
V1R12 |
The Ubuntu operating system must ensure only users who need access to security functions are part of sudo group. |
|
| WN11-CC-000037 |
V2R2 |
Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. |
|
| WN11-CC-000200 |
V2R2 |
Administrator accounts must not be enumerated during elevation. |
|
| WN11-SO-000250 |
V2R2 |
User Account Control must prompt administrators for consent on the secure desktop. |
|
| WN11-SO-000260 |
V2R2 |
User Account Control must be configured to detect application installations and prompt for elevation. |
|
| WN11-SO-000265 |
V2R2 |
User Account Control must only elevate UIAccess applications that are installed in secure locations. |
|
| WN11-SO-000275 |
V2R2 |
User Account Control must virtualize file and registry write failures to per-user locations. |
|
| WN10-CC-000037 |
V3R2 |
Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. |
|
| WN10-CC-000200 |
V3R2 |
Administrator accounts must not be enumerated during elevation. |
|
| WN10-SO-000250 |
V3R2 |
User Account Control must, at minimum, prompt administrators for consent on the secure desktop. |
|
| WN10-SO-000260 |
V3R2 |
User Account Control must be configured to detect application installations and prompt for elevation. |
|
| WN10-SO-000265 |
V3R2 |
User Account Control must only elevate UIAccess applications that are installed in secure locations. |
|
| WN10-SO-000275 |
V3R2 |
User Account Control must virtualize file and registry write failures to per-user locations. |
|
| WN19-CC-000240 |
V3R2 |
Windows Server 2019 administrator accounts must not be enumerated during elevation. |
|
| WN19-MS-000020 |
V3R2 |
Windows Server 2019 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers. |
|
| WN19-SO-000390 |
V3R2 |
Windows Server 2019 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop. |
|
| WN19-SO-000400 |
V3R2 |
Windows Server 2019 User Account Control must, at a minimum, prompt administrators for consent on the secure desktop. |
|
| WN19-SO-000420 |
V3R2 |
Windows Server 2019 User Account Control must be configured to detect application installations and prompt for elevation. |
|
| WN19-SO-000430 |
V3R2 |
Windows Server 2019 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations. |
|
| WN19-SO-000450 |
V3R2 |
Windows Server 2019 User Account Control (UAC) must virtualize file and registry write failures to per-user locations. |
|
| UBTU-22-432015 |
V2R2 |
Ubuntu 22.04 LTS must ensure only users who need access to security functions are part of sudo group. |
|
| WN16-CC-000280 |
V2R7 |
Administrator accounts must not be enumerated during elevation. |
|
| WN16-MS-000020 |
V2R7 |
Local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain systems. |
|
| WN16-SO-000470 |
V2R7 |
UIAccess applications must not be allowed to prompt for elevation without using the secure desktop. |
|
| WN16-SO-000480 |
V2R7 |
User Account Control must, at a minimum, prompt administrators for consent on the secure desktop. |
|
| WN16-SO-000500 |
V2R7 |
User Account Control must be configured to detect application installations and prompt for elevation. |
|
| WN16-SO-000510 |
V2R7 |
User Account Control must only elevate UIAccess applications that are installed in secure locations. |
|
| WN16-SO-000530 |
V2R7 |
User Account Control must virtualize file and registry write failures to per-user locations. |
|
| WN22-CC-000240 |
V1R4 |
Windows Server 2022 administrator accounts must not be enumerated during elevation. |
|
| WN22-MS-000020 |
V1R4 |
Windows Server 2022 local administrator accounts must have their privileged token filtered to prevent elevated privileges from being used over the network on domain-joined member servers. |
|
| WN22-SO-000390 |
V1R4 |
Windows Server 2022 UIAccess applications must not be allowed to prompt for elevation without using the secure desktop. |
|
| WN22-SO-000400 |
V1R4 |
Windows Server 2022 User Account Control (UAC) must, at a minimum, prompt administrators for consent on the secure desktop. |
|
| WN22-SO-000420 |
V1R4 |
Windows Server 2022 User Account Control (UAC) must be configured to detect application installations and prompt for elevation. |
|
| WN22-SO-000430 |
V1R4 |
Windows Server 2022 User Account Control (UAC) must only elevate UIAccess applications that are installed in secure locations. |
|
| WN22-SO-000450 |
V1R4 |
Windows Server 2022 User Account Control (UAC) must virtualize file and registry write failures to per-user locations. |
|
| OL08-00-010170 |
V1R3 |
OL 8 must use a Linux Security Module configured to enforce limits on system services. |
|
| OL08-00-010171 |
V1R3 |
OL 8 must have the "policycoreutils" package installed. |
|
| OL08-00-010421 |
V1R3 |
OL 8 must clear the page allocator to prevent use-after-free attacks. |
|
| OL08-00-010422 |
V1R3 |
OL 8 must disable virtual syscalls. |
|
| OL08-00-010423 |
V1R3 |
OL 8 must clear SLUB/SLAB objects to prevent use-after-free attacks. |
|
| UBTU-18-010037 |
V2R11 |
The Ubuntu operating system must be configured so that only users who need access to security functions are part of the sudo group. |
|