| RHEL-08-010380 | V1R6 | RHEL 8 must require users to provide a password for privilege escalation. | |
| RHEL-08-010381 | V1R6 | RHEL 8 must require users to reauthenticate for privilege escalation. | |
| RHEL-08-010384 | V1R6 | RHEL 8 must require re-authentication when using the "sudo" command. | |
| RHEL-08-010385 | V1R6 | The RHEL 8 operating system must not be configured to bypass password requirements for privilege escalation. | |
| SLES-15-010450 | V1R4 | The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges. | |
| SLES-15-020102 | V1R4 | The SUSE operating system must require re-authentication when using the "sudo" command. | |
| UBTU-18-010114 | V2R12 | The Ubuntu operating system must require users to re-authenticate for privilege escalation and changing roles. | |
| UBTU-20-010014 | V1R6 | The Ubuntu operating system must require users to reauthenticate for privilege escalation or when changing roles. | |
| APPL-14-004022 | V1R1 | The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command. | |
| APPL-14-004060 | V1R1 | The macOS system must configure sudoers timestamp type. | |
| APPL-13-004022 | V1R5 | The macOS system must require users to reauthenticate for privilege escalation when using the "sudo" command. | |
| OL07-00-010340 | V3R1 | The Oracle Linux operating system must be configured so that users must provide a password for privilege escalation. | |
| OL07-00-010350 | V3R1 | The Oracle Linux operating system must be configured so users must re-authenticate for privilege escalation. | |
| OL07-00-010343 | V3R1 | The Oracle Linux operating system must require re-authentication when using the "sudo" command. | |
| OL07-00-010344 | V3R1 | The Oracle Linux operating system must not be configured to bypass password requirements for privilege escalation. | |
| RHEL-07-010340 | V3R6 | The Red Hat Enterprise Linux operating system must be configured so that users must provide a password for privilege escalation. | |
| RHEL-07-010350 | V3R6 | The Red Hat Enterprise Linux operating system must be configured so that users must re-authenticate for privilege escalation. | |
| RHEL-07-010343 | V3R6 | The Red Hat Enterprise Linux operating system must require re-authentication when using the "sudo" command. | |
| RHEL-07-010344 | V3R6 | The Red Hat Enterprise Linux operating system must not be configured to bypass password requirements for privilege escalation. | |
| SLES-12-010110 | V3R1 | The SUSE operating system must reauthenticate users when changing authenticators, roles, or escalating privileges. | |
| SLES-12-010113 | V3R1 | The SUSE operating system must require re-authentication when using the "sudo" command. | |
| SLES-12-010114 | V3R1 | The SUSE operating system must not be configured to bypass password requirements for privilege escalation. | |
| OL08-00-010380 | V1R6 | OL 8 must require users to provide a password for privilege escalation. | |
| OL08-00-010381 | V1R6 | OL 8 must require users to reauthenticate for privilege escalation and changing roles. | |
| OL08-00-010384 | V1R6 | OL 8 must require re-authentication when using the "sudo" command. | |
| OL08-00-010385 | V1R6 | The OL 8 operating system must not be configured to bypass password requirements for privilege escalation. | |
| UBTU-22-432010 | V1R1 | Ubuntu 22.04 LTS must require users to reauthenticate for privilege escalation or when changing roles. | |
| WN11-CC-000145 | V1R6 | Users must be prompted for a password on resume from sleep (on battery). | |
| WN11-CC-000150 | V1R6 | The user must be prompted for a password on resume from sleep (plugged in). | |
| WN11-CC-000270 | V1R6 | Passwords must not be saved in the Remote Desktop Client. | |
| WN11-CC-000280 | V1R6 | Remote Desktop Services must always prompt a client for passwords upon connection. | |
| WN11-CC-000355 | V1R6 | The Windows Remote Management (WinRM) service must not store RunAs credentials. | |
| RHEL-09-432015 | V2R5 | RHEL 9 must require reauthentication when using the "sudo" command. | |
| RHEL-09-432025 | V2R5 | RHEL 9 must require users to reauthenticate for privilege escalation. | |
| RHEL-09-432035 | V2R5 | RHEL 9 must restrict the use of the "su" command. | |
| RHEL-09-611085 | V2R5 | RHEL 9 must require users to provide a password for privilege escalation. | |
| RHEL-09-611145 | V2R5 | RHEL 9 must not be configured to bypass password requirements for privilege escalation. | |
| WN10-CC-000145 | V3R1 | Users must be prompted for a password on resume from sleep (on battery). | |
| WN10-CC-000150 | V3R1 | The user must be prompted for a password on resume from sleep (plugged in). | |
| WN10-CC-000270 | V3R1 | Passwords must not be saved in the Remote Desktop Client. | |
| WN10-CC-000280 | V3R1 | Remote Desktop Services must always prompt a client for passwords upon connection. | |
| WN10-CC-000355 | V3R1 | The Windows Remote Management (WinRM) service must not store RunAs credentials. | |
| WN22-CC-000340 | V2R5 | Windows Server 2022 must not save passwords in the Remote Desktop Client. | |
| WN22-CC-000360 | V2R5 | Windows Server 2022 Remote Desktop Services must always prompt a client for passwords upon connection. | |
| WN22-CC-000520 | V2R5 | Windows Server 2022 Windows Remote Management (WinRM) service must not store RunAs credentials. | |
| WN22-SO-000380 | V2R5 | Windows Server 2022 User Account Control (UAC) approval mode for the built-in Administrator must be enabled. | |
| WN22-SO-000410 | V2R5 | Windows Server 2022 User Account Control (UAC) must automatically deny standard user requests for elevation. | |
| WN22-SO-000440 | V2R5 | Windows Server 2022 User Account Control (UAC) must run all administrators in Admin Approval Mode, enabling UAC. | |