Prevent unqualified CIS and STIGID references

linux_os/guide/services/obsolete/inetd_and_xinetd/package_tcp_wrappers_installed/rule.yml

@@ -20,7 +20,8 @@ identifiers:
     cce@rhel7: CCE-27361-5
 
 references:
-    cis: 3.4.1
+    cis@rhel7: 3.4.1
+    cis@sle15: 3.4.1
     disa: CCI-000366
     nist: CM-6(a)
     nist-csf: PR.IP-1
@@ -30,7 +31,6 @@ references:
     cobit5: BAI10.01,BAI10.02,BAI10.03,BAI10.05
     iso27001-2013: A.12.1.2,A.12.5.1,A.12.6.2,A.14.2.2,A.14.2.3,A.14.2.4
     cis-csc: 11,3,9
-    cis@sle15: 3.4.1
 
 ocil_clause: 'the package is not installed'
 

linux_os/guide/services/obsolete/inetd_and_xinetd/service_xinetd_disabled/rule.yml

@@ -20,7 +20,8 @@ identifiers:
     cce@rhel8: CCE-80888-1
 
 references:
-    cis: 2.1.7
+    cis@rhel7: 2.1.7
+    cis@rhel8: 2.1.7
     cui: 3.4.7
     disa: CCI-000305
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)

linux_os/guide/services/obsolete/nis/package_ypserv_removed/rule.yml

@@ -23,7 +23,9 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-020010
-    cis: 2.2.16
+    cis@rhel7: 2.2.16
+    cis@rhel8: 2.2.17
+    cis@sle15: 2.2.17
     disa: CCI-000381
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
     nist: CM-7(a),CM-7(b),CM-6(a),IA-5(1)(c)
@@ -35,7 +37,6 @@ references:
     cobit5: APO13.01,BAI10.01,BAI10.02,BAI10.03,BAI10.05,DSS01.04,DSS05.02,DSS05.03,DSS05.05,DSS06.06
     iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2
     cis-csc: 11,12,14,15,3,8,9
-    cis@sle15: 2.2.17
 
 {{{ complete_ocil_entry_package(package="ypserv") }}}
 

linux_os/guide/services/obsolete/r_services/package_rsh_removed/rule.yml

@@ -23,7 +23,7 @@ identifiers:
     cce@rhel8: CCE-82183-5
 
 references:
-    cis: 2.3.2
+    cis@rhel7: 2.3.2
     cui: 3.1.13
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
     iso27001-2013: A.8.2.3,A.13.1.1,A.13.2.1,A.13.2.3,A.14.1.2,A.14.1.3

linux_os/guide/services/obsolete/r_services/service_rexec_disabled/rule.yml

@@ -23,7 +23,7 @@ identifiers:
     cce@rhel8: CCE-80884-0
 
 references:
-    cis: 2.2.17
+    cis@rhel7: 2.2.17
     cui: 3.1.13,3.4.7
     disa: CCI-000068,CCI-001436
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)

linux_os/guide/services/obsolete/r_services/service_rlogin_disabled/rule.yml

@@ -24,7 +24,7 @@ identifiers:
     cce@rhel8: CCE-80885-7
 
 references:
-    cis: 2.2.17
+    cis@rhel7: 2.2.17
     cui: 3.1.13,3.4.7
     disa: CCI-001436
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)

linux_os/guide/services/obsolete/r_services/service_rsh_disabled/rule.yml

@@ -24,7 +24,7 @@ identifiers:
     cce@rhel8: CCE-82431-8
 
 references:
-    cis: 2.2.17
+    cis@rhel7: 2.2.17
     cui: 3.1.13,3.4.7
     disa: CCI-000068,CCI-001436
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)

linux_os/guide/services/obsolete/talk/package_talk-server_removed/rule.yml

@@ -18,7 +18,7 @@ identifiers:
     cce@rhel8: CCE-82180-1
 
 references:
-    cis: 2.2.21
+    cis@rhel7: 2.2.18
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
 
 {{{ complete_ocil_entry_package(package="talk-server") }}}

linux_os/guide/services/obsolete/talk/package_talk_removed/rule.yml

@@ -23,7 +23,7 @@ identifiers:
     cce@rhel8: CCE-80848-5
 
 references:
-    cis: 2.3.3
+    cis@rhel7: 2.3.3
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
 
 {{{ complete_ocil_entry_package(package="talk") }}}

linux_os/guide/services/obsolete/telnet/package_telnet-server_removed/rule.yml

@@ -32,7 +32,7 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-021710
-    cis: 2.1.1
+    cis@rhel7: 2.1.19
     disa: CCI-000381
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
     iso27001-2013: A.11.2.6,A.12.1.2,A.12.5.1,A.12.6.2,A.13.1.1,A.13.2.1,A.14.1.3,A.14.2.2,A.14.2.3,A.14.2.4,A.6.2.1,A.6.2.2,A.9.1.2

linux_os/guide/services/obsolete/telnet/service_telnet_disabled/rule.yml

@@ -43,7 +43,7 @@ identifiers:
     cce@rhel8: CCE-80887-3
 
 references:
-    cis: 2.2.18
+    cis@rhel7: 2.2.19
     cui: 3.1.13,3.4.7
     hipaa: 164.308(a)(4)(i),164.308(b)(1),164.308(b)(3),164.310(b),164.312(e)(1),164.312(e)(2)(ii)
     nist: CM-7(a),CM-7(b),CM-6(a),IA-5(1)(c)

linux_os/guide/services/obsolete/tftp/service_tftp_disabled/rule.yml

@@ -19,7 +19,7 @@ identifiers:
     cce@rhel8: CCE-82435-9
 
 references:
-    cis: 2.1.6
+    cis@rhel7: 2.2.20
     disa: CCI-001436
     nist: CM-7(a),CM-7(b),CM-6(a)
     nist-csf: PR.AC-3,PR.IP-1,PR.PT-3,PR.PT-4

linux_os/guide/services/proxy/disabling_squid/service_squid_disabled/rule.yml

@@ -18,7 +18,8 @@ identifiers:
     cce@rhel8: CCE-82190-0
 
 references:
-    cis: 2.2.13
+    cis@rhel7: 2.2.13
+    cis@rhel8: 2.2.6
     cis@sle15: 2.2.13
 
 ocil: |-

linux_os/guide/services/ssh/ssh_server/sshd_allow_only_protocol2/rule.yml

@@ -24,7 +24,7 @@ identifiers:
 references:
     stigid@ol7: OL07-00-040390
     anssi: NT007(R1)
-    cis: 5.2.2
+    cis@rhel7: 5.2.2
     cis@sle15: 5.2.4
     cjis: 5.5.6
     cui: 3.1.13,3.5.4

linux_os/guide/services/ssh/ssh_server/sshd_use_approved_ciphers/rule.yml

@@ -52,7 +52,6 @@ identifiers:
     cce@sle12: CCE-83181-8
 
 references:
-    cis: 5.2.10
     cjis: 5.5.6
     cui: 3.1.13,3.13.11,3.13.8
     disa: CCI-000068,CCI-000366,CCI-000803,CCI-000877,CCI-002890,CCI-003123

linux_os/guide/services/ssh/ssh_server/sshd_use_approved_macs/rule.yml

@@ -46,7 +46,7 @@ identifiers:
     cce@sle12: CCE-83036-4
 
 references:
-    cis: 5.2.12
+    cis@rhel7: 5.2.11
     cui: 3.1.13,3.13.11,3.13.8
     disa: CCI-000068,CCI-000803,CCI-000877,CCI-001453,CCI-003123
     hipaa: 164.308(b)(1),164.308(b)(2),164.312(e)(1),164.312(e)(2)(i),164.312(e)(2)(ii),164.314(b)(2)(i)

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_dcredit/rule.yml

@@ -31,7 +31,7 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-010140
-    cis: 6.3.2
+    cis@rhel7: 5.3.1
     disa: CCI-000194
     nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
     nist-csf: PR.AC-1,PR.AC-6,PR.AC-7

linux_os/guide/system/accounts/accounts-pam/password_quality/password_quality_pwquality/accounts_password_pam_ucredit/rule.yml

@@ -28,7 +28,7 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-010120
-    cis: 6.3.2
+    cis@rhel7: 5.3.1
     disa: CCI-000192
     nist: IA-5(c),IA-5(1)(a),CM-6(a),IA-5(4)
     nist-csf: PR.AC-1,PR.AC-6,PR.AC-7

linux_os/guide/system/accounts/accounts-pam/set_password_hashing_algorithm/set_password_hashing_algorithm_logindefs/rule.yml

@@ -26,7 +26,6 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-010210
-    cis: 6.3.1
     cjis: 5.6.2.2
     cui: 3.13.11
     disa: CCI-000196

linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_bashrc/rule.yml

@@ -23,7 +23,8 @@ identifiers:
     cce@rhcos4: CCE-84260-9
 
 references:
-    cis: 5.4.4
+    cis@rhel7: 5.4.4
+    cis@rhel8: 5.5.4
     disa: CCI-000366
     nist: AC-6(1),CM-6(a)
     nist-csf: PR.IP-2

linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_etc_profile/rule.yml

@@ -20,7 +20,8 @@ identifiers:
     cce@rhcos4: CCE-84262-5
 
 references:
-    cis: 5.4.4
+    cis@rhel7: 5.4.4
+    cis@rhel8: 5.5.4
     disa: CCI-000366
     nist: AC-6(1),CM-6(a)
     nist-csf: PR.IP-2

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_delete/rule.yml

@@ -32,7 +32,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030830
-    cis: 5.2.17
+    cis@rhel7: 4.1.17
+    cis@rhel8: 4.1.15
     cui: 3.1.7
     disa: CCI-000172
     disa@sle15: CCI-000130,CCI-000169,CCI-000172,CCI-002884
@@ -55,4 +56,3 @@ references:
     cis-csc: 1,11,12,13,14,15,16,19,2,3,4,5,6,7,8,9
 
 {{{ complete_ocil_entry_audit_syscall(syscall="delete_module") }}}
-

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_finit/rule.yml

@@ -32,7 +32,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030821
-    cis: 5.2.17
+    cis@rhel7: 4.1.17
+    cis@rhel8: 4.1.15
     cui: 3.1.7
     disa: CCI-000172
     disa@sle15: CCI-000130,CCI-000169,CCI-002884

linux_os/guide/system/auditing/auditd_configure_rules/audit_kernel_module_loading/audit_rules_kernel_module_loading_init/rule.yml

@@ -31,7 +31,8 @@ identifiers:
     cce@sle15: CCE-85750-8
 references:
     stigid@ol7: OL07-00-030820
-    cis: 5.2.17
+    cis@rhel7: 4.1.17
+    cis@rhel8: 4.1.15
     cui: 3.1.7
     disa: CCI-000172
     disa@sle15: CCI-000130,CCI-000169,CCI-002884

linux_os/guide/system/auditing/auditd_configure_rules/audit_login_events/audit_rules_login_events_tallylog/rule.yml

@@ -32,7 +32,6 @@ identifiers:
     cce@sle15: CCE-85597-3
 
 references:
-    cis: 5.2.8
     cui: 3.1.7
     disa: CCI-000172,CCI-002884,CCI-000126
     hipaa: 164.308(a)(1)(ii)(D),164.308(a)(3)(ii)(A),164.308(a)(5)(ii)(C),164.312(a)(2)(i),164.312(b),164.312(d),164.312(e)

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification/rule.yml

@@ -37,7 +37,6 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030710
-    cis: 5.2.5
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000130,CCI-000172,CCI-001403,CCI-002130
@@ -71,4 +70,3 @@ warnings:
         <li><tt>audit_rules_usergroup_modification_gshadow</tt></li>
         <li><tt>audit_rules_usergroup_modification_passwd</tt></li>
         </ul>
-

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_group/rule.yml

@@ -36,7 +36,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030871
-    cis: 5.2.5
+    cis@rhel7: 4.1.5
+    cis@rhel8: 4.1.11
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_gshadow/rule.yml

@@ -36,7 +36,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030872
-    cis: 5.2.5
+    cis@rhel7:  4.1.5
+    cis@rhel8: 4.1.11
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_opasswd/rule.yml

@@ -36,7 +36,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030874
-    cis: 5.2.5
+    cis@rhel7: 4.1.5
+    cis@rhel8: 4.1.11
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_passwd/rule.yml

@@ -36,7 +36,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030870
-    cis: 5.2.5
+    cis@rhel7: 4.1.5
+    cis@rhel8: 4.1.11
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132

linux_os/guide/system/auditing/auditd_configure_rules/audit_rules_usergroup_modification_shadow/rule.yml

@@ -36,7 +36,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-030873
-    cis: 5.2.5
+    cis@rhel7: 4.1.5
+    cis@rhel8: 4.1.11
     cjis: 5.4.1.1
     cui: 3.1.7
     disa: CCI-000018,CCI-000172,CCI-001403,CCI-001404,CCI-001405,CCI-001683,CCI-001684,CCI-001685,CCI-001686,CCI-002130,CCI-002132

linux_os/guide/system/bootloader-grub2/non-uefi/grub2_admin_username/rule.yml

@@ -33,7 +33,6 @@ identifiers:
     cce@rhcos4: CCE-83582-7
 
 references:
-    cis: 1.4.2
     cui: 3.4.5
     disa: CCI-000213
     hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii)

linux_os/guide/system/bootloader-grub2/uefi/file_groupowner_efi_grub2_cfg/rule.yml

@@ -24,7 +24,8 @@ rationale: |-
 severity: medium
 
 references:
-    cis: 1.4.1
+    cis@rhel7: 1.4.1
+    cis@rhel8: 1.5.1
     cjis: 5.5.2.2
     cui: 3.4.5
     disa: CCI-000225

linux_os/guide/system/bootloader-grub2/uefi/file_owner_efi_grub2_cfg/rule.yml

@@ -22,7 +22,8 @@ rationale: 'Only root should be able to modify important boot parameters.'
 severity: medium
 
 references:
-    cis: 1.4.1
+    cis@rhel7: 1.4.1
+    cis@rhel8: 1.5.1
     cjis: 5.5.2.2
     cui: 3.4.5
     disa: CCI-000225

linux_os/guide/system/bootloader-grub2/uefi/file_permissions_efi_grub2_cfg/rule.yml

@@ -20,7 +20,8 @@ rationale: |-
 severity: medium
 
 references:
-    cis: 1.4.1
+    cis@rhel7: 1.4.1
+    cis@rhel8: 1.5.1
     cui: 3.4.5
     disa: CCI-000225
     nist: CM-6(a),AC-6(1)

linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_admin_username/rule.yml

@@ -40,7 +40,6 @@ identifiers:
     cce@rhcos4: CCE-83540-5
 
 references:
-    cis: 1.4.2
     cui: 3.4.5
     disa: CCI-000213
     hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii)

linux_os/guide/system/bootloader-grub2/uefi/grub2_uefi_password/rule.yml

@@ -52,7 +52,8 @@ identifiers:
 
 references:
     stigid@ol7: OL07-00-010491
-    cis: 1.4.2
+    cis@rhel7: 1.4.2
+    cis@rhel8: 1.5.2
     cui: 3.4.5
     disa: CCI-000213
     hipaa: 164.308(a)(1)(ii)(B),164.308(a)(7)(i),164.308(a)(7)(ii)(A),164.310(a)(1),164.310(a)(2)(i),164.310(a)(2)(ii),164.310(a)(2)(iii),164.310(b),164.310(c),164.310(d)(1),164.310(d)(2)(iii)

linux_os/guide/system/logging/rsyslog_accepting_remote_messages/package_syslogng_installed/rule.yml

@@ -14,7 +14,6 @@ severity: medium
 
 references:
     anssi: BP28(R46),BP28(R5)
-    cis: 5.1.1
     disa: CCI-001311,CCI-001312
     nist: CM-6(a)
     nist-csf: PR.PT-1

linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_accept_remote_messages_tcp/rule.yml

@@ -20,7 +20,7 @@ identifiers:
     cce@rhel7: CCE-80193-6
 
 references:
-    cis: 4.2.1.5
+    cis@rhel7: 4.2.1.5
     nist: CM-6(a),AU-6(3),AU-6(4)
     isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9'
     isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4

linux_os/guide/system/logging/rsyslog_accepting_remote_messages/rsyslog_accept_remote_messages_udp/rule.yml

@@ -21,7 +21,7 @@ identifiers:
     cce@rhel7: CCE-80194-4
 
 references:
-    cis: 4.2.1.5
+    cis@rhel7: 4.2.1.5
     nist: CM-6(a),AU-6(3),AU-6(4)
     isa-62443-2013: 'SR 2.10,SR 2.11,SR 2.12,SR 2.8,SR 2.9'
     isa-62443-2009: 4.3.3.3.9,4.3.3.5.8,4.3.4.4.7,4.4.2.1,4.4.2.2,4.4.2.4