| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-218793 | CAT II | MONT-MB-002 | Microsoft IIS 10.0 Server Security Techn... | The IIS 10.0 web server must only contain function... | - | |||
Check TextClick “Start”. Open Control Panel. Click “Programs”. Click “Programs and Features”. Review the installed programs. If any programs are installed other than those required for the IIS 10.0 web services, this is a finding. Note: If additional software is needed, supporting documentation must be signed by the ISSO. Fix TextRemove all unapproved programs and roles from the production IIS 10.0 web server. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: 26B56AA4890034FEFE642B4B70A10F246553B7EA ~~~~~ Software installed on this system: ActivID ActivClient x64 Axway Desktop Validator CRLAutoCache DoD Secure Host Baseline Server IIS URL Rewrite Module 2 InstallRoot Microsoft Exchange Server 2016 Cumulative Update 23 Microsoft Lync Server 2013, Bootstrapper Prerequisites Installer Package Microsoft NetBanner Microsoft Server Speech Platform Runtime (x64) Microsoft Speech Platform VXML Runtime (x64) Microsoft Unified Communications Managed API 4.0, Runtime Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 Trellix Agent Trellix Data Loss Prevention - Endpoint Trellix Endpoint Security Firewall Trellix Endpoint Security Platform Trellix Endpoint Security Threat Prevention Trellix Policy Auditor Agent Trellix Security for Microsoft Exchange Trellix Solidifier Veritas Backup Exec Remote Agent for Windows WinZip 27.0 CommentsDocumentation
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl
Scan Date: 2026-01-14T12:57:32.874734
Technology Area: Web Review
|
||||||||
| V-218793 | CAT II | MONT-DP-001 | Microsoft IIS 10.0 Server Security Techn... | The IIS 10.0 web server must only contain function... | - | |||
Check TextClick “Start”. Open Control Panel. Click “Programs”. Click “Programs and Features”. Review the installed programs. If any programs are installed other than those required for the IIS 10.0 web services, this is a finding. Note: If additional software is needed, supporting documentation must be signed by the ISSO. Fix TextRemove all unapproved programs and roles from the production IIS 10.0 web server. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: 76962F0DD58B62702CD4E14318F6671588F2664D ~~~~~ Software installed on this system: ActivID ActivClient x64 Axway Desktop Validator CRLAutoCache DoD Secure Host Baseline Server InstallRoot Microsoft NetBanner Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 Trellix Agent Trellix Data Loss Prevention - Endpoint Trellix Endpoint Security Firewall Trellix Endpoint Security Platform Trellix Endpoint Security Threat Prevention Trellix Policy Auditor Agent Trellix Solidifier Veritas Backup Exec Remote Agent for Windows WinZip 27.0 CommentsDocumentation
Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl
Scan Date: 2026-01-14T12:57:35.201603
Technology Area: Web Review
|
||||||||