I upgraded RHEL 7 to 8.9 an EC2 instance using leapp tool. Then, I ran the Ansible playbook to remediate DISA STIG for Red Hat Enterprise Linux 8 (https://github.com/RedHatOfficial/ansible-role-rhel8-stig). It only applied a few medium and low-severity items. No CAT I findings even though it covers 120 high-severity items in the main yml. Any idea?