| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-218780 | CAT II | MONT-MB-002 | Microsoft IIS 10.0 Site Security Technic... | Interactive scripts on the IIS 10.0 web server mus... | - | |||
Check TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is Not Applicable. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web site name and select "Explore". Search for the listed script extensions. Review the permissions to the CGI scripts and verify only the permissions listed, or more restrictive permissions are assigned. Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ If the permissions are less restrictive than listed above, this is a finding. Fix TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is NA. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web server name and select "Explore". Search for the listed script extensions. Set the permissions to the CGI scripts as follows: Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ Finding DetailsEvaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) found this to be NOT APPLICABLE on 10/23/2025 Site: Default Web Site ResultHash: 6A077B4054A7B71BCF2A558FC6BFD199ED9070AA ~~~~~ CGI is not installed so this requirement is NA.
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Default_Web_Site_V2R12_20251023-152518.ckl
Scan Date: 2026-01-14T12:57:33.098574
Technology Area: Web Review
|
||||||||
| V-218780 | CAT II | MONT-MB-002 | Microsoft IIS 10.0 Site Security Technic... | Interactive scripts on the IIS 10.0 web server mus... | - | |||
Check TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is Not Applicable. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web site name and select "Explore". Search for the listed script extensions. Review the permissions to the CGI scripts and verify only the permissions listed, or more restrictive permissions are assigned. Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ If the permissions are less restrictive than listed above, this is a finding. Fix TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is NA. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web server name and select "Explore". Search for the listed script extensions. Set the permissions to the CGI scripts as follows: Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ Finding DetailsEvaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) found this to be NOT APPLICABLE on 10/23/2025 Site: Exchange Back End ResultHash: 6A077B4054A7B71BCF2A558FC6BFD199ED9070AA ~~~~~ CGI is not installed so this requirement is NA.
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Exchange_Back_End_V2R12_20251023-152602.ckl
Scan Date: 2026-01-14T12:57:33.300070
Technology Area: Web Review
|
||||||||
| V-218780 | CAT II | MONT-DP-001 | Microsoft IIS 10.0 Site Security Technic... | Interactive scripts on the IIS 10.0 web server mus... | - | |||
Check TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is Not Applicable. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web site name and select "Explore". Search for the listed script extensions. Review the permissions to the CGI scripts and verify only the permissions listed, or more restrictive permissions are assigned. Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ If the permissions are less restrictive than listed above, this is a finding. Fix TextDetermine whether scripts are used on the web server for the subject website. Common file extensions include, but are not limited to: .cgi, .pl, .vb, .class, .c, .php, and .asp. If the website does not utilize CGI, this finding is NA. All interactive programs must have restrictive permissions. Open the IIS 10.0 Manager. Right-click the IIS 10.0 web server name and select "Explore". Search for the listed script extensions. Set the permissions to the CGI scripts as follows: Administrators: FULL Web Administrators: FULL TrustedInstaller: FULL ALL APPLICATION PACKAGES: Read ALL RESTRICTED APPLICATION PACKAGES: Read SYSTEM: FULL ApplicationPoolId: READ Custom Service Account: READ Users: READ Finding DetailsEvaluate-STIG 1.2507.5 (Scan-IIS10_0_Site_Checks) found this to be NOT APPLICABLE on 10/23/2025 Site: Default Web Site ResultHash: 6A077B4054A7B71BCF2A558FC6BFD199ED9070AA ~~~~~ CGI is not installed so this requirement is NA.
Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Site_Default_Web_Site_V2R12_20251023-143912.ckl
Scan Date: 2026-01-14T12:57:35.375369
Technology Area: Web Review
|
||||||||