CCI-001082
Separate user functionality, including user interface services, from system management functionality.
DB2 must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
SQL Server must be configured to separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
Nutanix AOS must separate hosted application functionality from application server management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
OHS accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.
1 rule found Severity: High
Oracle WebLogic must separate hosted application functionality from Oracle WebLogic management functionality.
1 rule found Severity: Medium
The Tanium application must separate user functionality (including user interface services) from information system management functionality.
3 rules found Severity: Medium
MongoDB must uniquely identify and authenticate non-organizational users (or processes acting on behalf of non-organizational users).
2 rules found Severity: Medium
The DBMS must separate user functionality (including user interface services) from database management functionality.
3 rules found Severity: Medium
PostgreSQL must separate user functionality (including user interface services) from database management functionality.
3 rules found Severity: Medium
The EDB Postgres Advanced Server must separate user functionality (including user interface services) from database management functionality.
2 rules found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
SSMC web server application, libraries, and configuration files must only be accessible to privileged users.
1 rule found Severity: Medium
The JBoss server must separate hosted application functionality from application server management functionality.
1 rule found Severity: Medium
MarkLogic Server must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
MongoDB must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
Azure SQL Database must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
IIS 10.0 Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.
1 rule found Severity: High
The IIS 10.0 web server must separate the hosted applications from hosted web server management functionality.
1 rule found Severity: Medium
A Windows PAW used to manage domain controllers and directory services must not be used to manage any other type of high-value IT resource.
1 rule found Severity: High
In a Windows PAW, administrator accounts used for maintaining the PAW must be separate from administrative accounts used to manage high-value IT resources.
1 rule found Severity: Medium
The MySQL Database Server 8.0 must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
Redis Enterprise DBMS must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
All Automation Controller NGINX web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.
1 rule found Severity: Medium
Nonprivileged accounts on the hosting system must only access Automation Controller NGINX web server security-relevant information and functions through a distinct administrative account.
1 rule found Severity: Medium
The SDN controller must be configured to separate tenant functionality from system management functionality.
1 rule found Severity: Medium
Web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.
1 rule found Severity: Medium
1 rule found Severity: Medium
The web server must separate the hosted applications from hosted web server management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
Apache web server accounts accessing the directory tree, the shell, or other operating system functions and utilities must only be administrative accounts.
3 rules found Severity: Medium
Apache web server application directories, libraries, and configuration files must only be accessible to privileged users.
2 rules found Severity: High
The Apache web server must separate the hosted applications from hosted Apache web server management functionality.
3 rules found Severity: Medium
1 rule found Severity: High
The application server must separate hosted application functionality from application server management functionality.
1 rule found Severity: Medium
The application user interface must be either physically or logically separated from data storage and management interfaces.
1 rule found Severity: Medium
1 rule found Severity: Medium
The container platform must separate user functionality (including user interface services) from information system management functionality.
1 rule found Severity: Medium
The operating system must separate user functionality (including user interface services) from operating system management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
The Mainframe Product must separate user functionality (including user interface services) from information system management functionality.
1 rule found Severity: Medium
MariaDB must separate user functionality (including user interface services) from database management functionality.
1 rule found Severity: Medium
Users requiring access to Prisma Cloud Compute's Credential Store must be assigned and accessed by the appropriate role holders.
1 rule found Severity: Medium
Rancher RKE2 runtime must maintain separate execution domains for each container by assigning each container a separate address space to prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium
OpenShift must separate user functionality (including user interface services) from information system management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
The VMM must separate user functionality (including user interface services) from VMM management functionality.
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium
1 rule found Severity: Medium