CCI-001090
Prevent unauthorized and unintended information transfer via shared system resources.
Apple iOS/iPadOS 15 must not allow backup to remote systems (iCloud document and data synchronization).
1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

Apple iOS/iPadOS 15 must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Photo Streams).
1 rule found Severity: Medium

Apple iOS/iPadOS 15 must not allow backup to remote systems (managed applications data stored in iCloud).
1 rule found Severity: Medium

1 rule found Severity: Medium

Apple iOS/iPadOS 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
1 rule found Severity: Medium

A policy set using the built-in role-based access control (RBAC) capabilities in the Universal Control Plane (UCP) component of Docker Enterprise must be configured.
1 rule found Severity: Medium

A policy set using the built-in role-based access control (RBAC) capabilities in the Docker Trusted Registry (DTR) component of Docker Enterprise must be set.
1 rule found Severity: Medium

Google Android 12 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Google Android 12 must be configured to not allow backup of [all applications, configuration data] to remote systems.
2 rules found Severity: Medium

Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy.
14 rules found Severity: Medium

Access to database files must be limited to relevant processes and to authorized, administrative users.
12 rules found Severity: Medium

1 rule found Severity: Medium

Microsoft Android 11 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Microsoft Android 11 must be configured to not allow backup of all applications and configuration data to remote systems.
2 rules found Severity: Medium

Apple iOS/iPadOS 16 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

The Ubuntu operating system must set a sticky bit on all public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

2 rules found Severity: Low

3 rules found Severity: Medium

3 rules found Severity: Medium

The DBMS must restrict access to system tables and other configuration information or metadata to DBAs or other authorized users.
2 rules found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: Low

Samsung Android must be configured to not allow backup of all applications and configuration data to remote systems.
1 rule found Severity: Medium

Samsung Android must be configured to not allow backup of all applications, configuration data to locally connected systems.
1 rule found Severity: Medium

Samsung Android must be configured to not allow backup of all applications, configuration data to remote systems. - Disable Data Sync Framework
1 rule found Severity: Medium

Samsung Android must be configured to not allow backup of all applications' configuration data to locally connected systems.
1 rule found Severity: Medium

Samsung Android's Work profile must be configured to not allow backup of [all applications, configuration data] to remote systems. - Disable Data Sync Framework
1 rule found Severity: Medium

Apple iOS/iPadOS 17 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

1 rule found Severity: Low

1 rule found Severity: Medium

The Ubuntu operating system must set a sticky bit on all public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

The DNS server implementation must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data transfer policy.
1 rule found Severity: Medium

Google Android 14 must be configured to not allow backup of all work profile applications to remote systems.
1 rule found Severity: Medium

Google Android 13 must be configured to not allow backup of all work profile applications to remote systems.
1 rule found Severity: Medium

Access to MarkLogic Server files must be limited to relevant processes and to authorized, administrative users.
1 rule found Severity: Medium

Azure SQL Database contents must be protected from unauthorized and unintended information transfer by enforcement of a data-transfer policy.
1 rule found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

3 rules found Severity: Medium

Data files owned by users must be on a different logical partition from the directory server data files.
1 rule found Severity: Medium

1 rule found Severity: Low

Redis Enterprise DBMS must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

Samsung Android's Work profile must be configured to not allow backup of all applications, configuration data to remote systems.- Disable Data Sync Framework.
2 rules found Severity: Medium

1 rule found Severity: Medium

A sticky bit must be set on all NixOS public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

Apple iOS/iPadOS 18 must not allow backup to remote systems (iCloud document and data synchronization).
1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

Apple iOS/iPadOS 18 must not allow backup to remote systems (iCloud Photo Sharing, also known as Shared Stream or Shared Photo Stream).
1 rule found Severity: Medium

Apple iOS/iPadOS 18 must not allow backup to remote systems (managed applications data stored in iCloud).
1 rule found Severity: Medium

1 rule found Severity: Medium

Apple iOS/iPadOS 18 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
1 rule found Severity: Medium

Apple iOS/iPadOS 18 must disable "Allow USB drive access in Files app" if the authorizing official (AO) has not approved the use of DOD-approved USB storage drives with iOS/iPadOS devices.
1 rule found Severity: Medium

Applications must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

Ubuntu 22.04 LTS must set a sticky bit on all public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

Any AlmaLinux OS 9 world-writable directories must be owned by root, sys, bin, or an application user.
1 rule found Severity: Medium

1 rule found Severity: Medium

The container platform must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

Google Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Google Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.
2 rules found Severity: Medium

Google Android 13 must allow only the Administrator (MDM) to perform the following management function: Disable Phone Hub.
2 rules found Severity: Low

Google Android 14 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Google Android 14 must be configured to not allow backup of [all applications, configuration data] to remote systems.
2 rules found Severity: Medium

Google Android 14 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub.
2 rules found Severity: Low

Google Android 15 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Google Android 15 must be configured to not allow backup of [all applications, configuration data] to remote systems.
2 rules found Severity: Medium

Google Android 15 must allow only the administrator (MDM) to perform the following management function: Disable Phone Hub.
2 rules found Severity: Low

Operating systems must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

ACF2 AUTOERAS GSO record value must be set to indicate that ACF2 is controlling the automatic physical erasure of VSAM or non VSAM data sets.
1 rule found Severity: Medium

2 rules found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

SQL Server must prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

SQL Server must prevent unauthorized and unintended information transfer via Instant File Initialization (IFI).
1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

Windows Server 2019 data files owned by users must be on a different logical partition from the directory server data files.
1 rule found Severity: Medium

1 rule found Severity: High

1 rule found Severity: Medium

1 rule found Severity: Medium

1 rule found Severity: Medium

Windows Server 2022 data files owned by users must be on a different logical partition from the directory server data files.
1 rule found Severity: Medium

1 rule found Severity: High

A sticky bit must be set on all OL 8 public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

1 rule found Severity: Medium

Rancher RKE2 runtime must maintain separate execution domains for each container by assigning each container a separate address space to prevent unauthorized and unintended information transfer via shared system resources.
1 rule found Severity: Medium

OpenShift must prevent unauthorized and unintended information transfer via shared system resources and enable page poisoning.
1 rule found Severity: Medium

1 rule found Severity: High

A sticky bit must be set on all RHEL 8 public directories to prevent unauthorized and unintended information transferred via shared system resources.
1 rule found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

2 rules found Severity: Low

Samsung Android must be configured to not allow backup of all applications and configuration data to locally connected systems.
6 rules found Severity: Medium

Samsung Android must be configured to not allow backup of all applications, configuration data to remote systems. (This requirement applies to the Work Profile for COPE.) - Disable Data Sync Framework.
2 rules found Severity: Medium

Samsung Android must be configured to not allow backup of all applications and configuration data to remote systems. - Disable Backup Services.
3 rules found Severity: Medium

The Samsung Android device must be configured to perform the following management function: Disable Phone Hub.
4 rules found Severity: Low

Samsung Android must be configured to not allow backup of all applications, configuration data to remote systems. - Disable Data Sync Framework.
1 rule found Severity: Medium

Samsung Android's Work profile must be configured to not allow backup of all applications, configuration data to remote systems. - Disable Data Sync Framework.
1 rule found Severity: Medium

Samsung Android must be configured to not allow backup of all applications, configuration data to remote systems.- Disable Data Sync Framework.
1 rule found Severity: Medium

1 rule found Severity: Medium

2 rules found Severity: Medium

Zebra Android 13 must be configured to not allow backup of [all applications, configuration data] to locally connected systems.
2 rules found Severity: Medium

Zebra Android 13 must be configured to not allow backup of [all applications, configuration data] to remote systems.
2 rules found Severity: Medium

Rancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.
1 rule found Severity: High
