CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 3 of 3 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-218758	CAT II	MONT-MB-002	Microsoft IIS 10.0 Site Security Technic...	Unlisted file extensions in URL requests must be f...		-
Check Text Note: If the server being reviewed is hosting SharePoint, this is Not Applicable. Note: If the server being reviewed is hosting Network Device Enrollment Services (NDES), this is Not Applicable. Note: If the server being reviewed is hosting Azure DevOps (ADO), this is Not Applicable. Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. If the "Allow unlisted file name extensions" check box is checked, this is a finding. Note: If this IIS 10.0 installation is supporting Microsoft Exchange, and not otherwise hosting any content, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting Splunk, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting WSUS, this requirement is Not Applicable. Fix Text Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. Uncheck the "Allow unlisted file extensions" check box. Finding Details Evaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Site: Default Web Site ResultHash: C4AC55E057470F8E3BE8026C2E97039D7E1B552C ~~~~~ Exchange service detected. If this server only hosts Microsoft Exchange, mark this check as NA. Service: MSExchangeServiceHost Status: Running Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Default_Web_Site_V2R12_20251023-152518.ckl Scan Date: 2026-01-14T12:57:33.098574 Technology Area: Web Review
V-218758	CAT II	MONT-MB-002	Microsoft IIS 10.0 Site Security Technic...	Unlisted file extensions in URL requests must be f...		-
Check Text Note: If the server being reviewed is hosting SharePoint, this is Not Applicable. Note: If the server being reviewed is hosting Network Device Enrollment Services (NDES), this is Not Applicable. Note: If the server being reviewed is hosting Azure DevOps (ADO), this is Not Applicable. Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. If the "Allow unlisted file name extensions" check box is checked, this is a finding. Note: If this IIS 10.0 installation is supporting Microsoft Exchange, and not otherwise hosting any content, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting Splunk, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting WSUS, this requirement is Not Applicable. Fix Text Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. Uncheck the "Allow unlisted file extensions" check box. Finding Details Evaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: Site: Exchange Back End ResultHash: C4AC55E057470F8E3BE8026C2E97039D7E1B552C ~~~~~ Exchange service detected. If this server only hosts Microsoft Exchange, mark this check as NA. Service: MSExchangeServiceHost Status: Running Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Exchange_Back_End_V2R12_20251023-152602.ckl Scan Date: 2026-01-14T12:57:33.300070 Technology Area: Web Review
V-218758	CAT II	MONT-DP-001	Microsoft IIS 10.0 Site Security Technic...	Unlisted file extensions in URL requests must be f...		-
Check Text Note: If the server being reviewed is hosting SharePoint, this is Not Applicable. Note: If the server being reviewed is hosting Network Device Enrollment Services (NDES), this is Not Applicable. Note: If the server being reviewed is hosting Azure DevOps (ADO), this is Not Applicable. Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. If the "Allow unlisted file name extensions" check box is checked, this is a finding. Note: If this IIS 10.0 installation is supporting Microsoft Exchange, and not otherwise hosting any content, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting Splunk, this requirement is Not Applicable. Note: If this IIS 10.0 installation is supporting WSUS, this requirement is Not Applicable. Fix Text Follow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. Uncheck the "Allow unlisted file extensions" check box. Finding Details Evaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) found this to be OPEN on 10/23/2025 Site: Default Web Site ResultHash: B5726175B8459E9B878193D0B97D55FA98562ED9 ~~~~~ AllowUnlisted is Enabled Comments If the server is hosting WSUS, this is Not Applicable. Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Site_Default_Web_Site_V2R12_20251023-143912.ckl Scan Date: 2026-01-14T12:57:35.375369 Technology Area: Web Review

CUI