CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 5 of 5 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-213902	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	SQL Server must protect against a user falsely rep...		-
Check Text Execute the following query: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' If no users are returned, this is not a finding. If users are returned, determine whether each user is a computer account. Launch PowerShell. Execute the following code: Note: <name> represents the username portion of the user. For example; if the user is "CONTOSO\user1$", the username is "user1". ([ADSISearcher]"(&(ObjectCategory=Computer)(Name=<name>))").FindAll() If no account information is returned, this is not a finding. If account information is returned, this is a finding. Fix Text Remove all users that were returned in the check SQL Statement: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' To remove users: Run the following command for each user: DROP USER [ IF EXISTS ] <user_name>; Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) found this to be NOT A FINDING on 10/23/2025 Instance: MONT-BE-002\BKUPEXEC64 Database: BEDB ResultHash: B63E0AD1F33856D056FB50B5C1C7A78CE1BAEA67 ~~~~~ NOT A FINDING: The check query returned no results. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_BEDB_V3R3_20251023-143959.ckl Scan Date: 2026-01-14T12:57:40.371699 Technology Area: Database Review
V-213902	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	SQL Server must protect against a user falsely rep...		-
Check Text Execute the following query: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' If no users are returned, this is not a finding. If users are returned, determine whether each user is a computer account. Launch PowerShell. Execute the following code: Note: <name> represents the username portion of the user. For example; if the user is "CONTOSO\user1$", the username is "user1". ([ADSISearcher]"(&(ObjectCategory=Computer)(Name=<name>))").FindAll() If no account information is returned, this is not a finding. If account information is returned, this is a finding. Fix Text Remove all users that were returned in the check SQL Statement: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' To remove users: Run the following command for each user: DROP USER [ IF EXISTS ] <user_name>; Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) found this to be NOT A FINDING on 10/23/2025 Instance: MONT-BE-002\BKUPEXEC64 Database: master ResultHash: B63E0AD1F33856D056FB50B5C1C7A78CE1BAEA67 ~~~~~ NOT A FINDING: The check query returned no results. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_master_V3R3_20251023-144120.ckl Scan Date: 2026-01-14T12:57:40.470811 Technology Area: Database Review
V-213902	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	SQL Server must protect against a user falsely rep...		-
Check Text Execute the following query: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' If no users are returned, this is not a finding. If users are returned, determine whether each user is a computer account. Launch PowerShell. Execute the following code: Note: <name> represents the username portion of the user. For example; if the user is "CONTOSO\user1$", the username is "user1". ([ADSISearcher]"(&(ObjectCategory=Computer)(Name=<name>))").FindAll() If no account information is returned, this is not a finding. If account information is returned, this is a finding. Fix Text Remove all users that were returned in the check SQL Statement: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' To remove users: Run the following command for each user: DROP USER [ IF EXISTS ] <user_name>; Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) found this to be NOT A FINDING on 10/23/2025 Instance: MONT-BE-002\BKUPEXEC64 Database: model ResultHash: B63E0AD1F33856D056FB50B5C1C7A78CE1BAEA67 ~~~~~ NOT A FINDING: The check query returned no results. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_model_V3R3_20251023-144128.ckl Scan Date: 2026-01-14T12:57:40.569961 Technology Area: Database Review
V-213902	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	SQL Server must protect against a user falsely rep...		-
Check Text Execute the following query: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' If no users are returned, this is not a finding. If users are returned, determine whether each user is a computer account. Launch PowerShell. Execute the following code: Note: <name> represents the username portion of the user. For example; if the user is "CONTOSO\user1$", the username is "user1". ([ADSISearcher]"(&(ObjectCategory=Computer)(Name=<name>))").FindAll() If no account information is returned, this is not a finding. If account information is returned, this is a finding. Fix Text Remove all users that were returned in the check SQL Statement: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' To remove users: Run the following command for each user: DROP USER [ IF EXISTS ] <user_name>; Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) found this to be NOT A FINDING on 10/23/2025 Instance: MONT-BE-002\BKUPEXEC64 Database: msdb ResultHash: B63E0AD1F33856D056FB50B5C1C7A78CE1BAEA67 ~~~~~ NOT A FINDING: The check query returned no results. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_msdb_V3R3_20251023-144148.ckl Scan Date: 2026-01-14T12:57:40.663257 Technology Area: Database Review
V-213902	CAT II	MONT-BE-002	MS SQL Server 2016 Database Security Tec...	SQL Server must protect against a user falsely rep...		-
Check Text Execute the following query: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' If no users are returned, this is not a finding. If users are returned, determine whether each user is a computer account. Launch PowerShell. Execute the following code: Note: <name> represents the username portion of the user. For example; if the user is "CONTOSO\user1$", the username is "user1". ([ADSISearcher]"(&(ObjectCategory=Computer)(Name=<name>))").FindAll() If no account information is returned, this is not a finding. If account information is returned, this is a finding. Fix Text Remove all users that were returned in the check SQL Statement: SELECT name FROM sys.database_principals WHERE type in ('U','G') AND name LIKE '%$' To remove users: Run the following command for each user: DROP USER [ IF EXISTS ] <user_name>; Finding Details Evaluate-STIG 1.2507.5 (Scan-SqlServer2016Database_Checks) found this to be NOT A FINDING on 10/23/2025 Instance: MONT-BE-002\BKUPEXEC64 Database: tempdb ResultHash: B63E0AD1F33856D056FB50B5C1C7A78CE1BAEA67 ~~~~~ NOT A FINDING: The check query returned no results. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_SQL2016DB_MONT-BE-002-BKUPEXEC64_tempdb_V3R3_20251023-144154.ckl Scan Date: 2026-01-14T12:57:40.769694 Technology Area: Database Review

CUI