CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 2 of 2 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-218814	CAT II	MONT-MB-002	Microsoft IIS 10.0 Server Security Techn...	IIS 10.0 web server system files must conform to m...		-
Check Text Open Explorer and navigate to the inetpub directory. Right-click "inetpub" and select "Properties". Click the "Security" tab. Verify the permissions for the following users; if the permissions are less restrictive, this is a finding. System: Full control Administrators: Full control TrustedInstaller: Full control ALL APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files ALL RESTRICTED APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files Users: Read and execute, list folder contents CREATOR OWNER: Full Control, Subfolders and files only Fix Text Open Explorer and navigate to the inetpub directory. Right-click "inetpub" and select "Properties". Click the "Security" tab. Set the following permissions: System: Full control Administrators: Full control TrustedInstaller: Full control ALL APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files ALL RESTRICTED APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files Users: Read and execute, list folder contents CREATOR OWNER: Full Control, Subfolders and files only Finding Details Evaluate-STIG 1.2507.5 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: C8ECB1BDD611075433288017727605DD917A8B21 ~~~~~ ACL for C:\inetpub: FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : -1610612736 AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : ReadAndExecute, Synchronize AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : NT SERVICE\TrustedInstaller IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : NT SERVICE\TrustedInstaller IsInherited : False InheritanceFlags : None PropagationFlags : None Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl Scan Date: 2026-01-14T12:57:32.874734 Technology Area: Web Review
V-218814	CAT II	MONT-DP-001	Microsoft IIS 10.0 Server Security Techn...	IIS 10.0 web server system files must conform to m...		-
Check Text Open Explorer and navigate to the inetpub directory. Right-click "inetpub" and select "Properties". Click the "Security" tab. Verify the permissions for the following users; if the permissions are less restrictive, this is a finding. System: Full control Administrators: Full control TrustedInstaller: Full control ALL APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files ALL RESTRICTED APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files Users: Read and execute, list folder contents CREATOR OWNER: Full Control, Subfolders and files only Fix Text Open Explorer and navigate to the inetpub directory. Right-click "inetpub" and select "Properties". Click the "Security" tab. Set the following permissions: System: Full control Administrators: Full control TrustedInstaller: Full control ALL APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files ALL RESTRICTED APPLICATION PACKAGES (built-in security group): Read and execute, This folder, subfolders and files Users: Read and execute, list folder contents CREATOR OWNER: Full Control, Subfolders and files only Finding Details Evaluate-STIG 1.2507.5 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: C8ECB1BDD611075433288017727605DD917A8B21 ~~~~~ ACL for C:\inetpub: FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : CREATOR OWNER IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : NT AUTHORITY\SYSTEM IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : BUILTIN\Administrators IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : -1610612736 AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : ReadAndExecute, Synchronize AccessControlType : Allow IdentityReference : BUILTIN\Users IsInherited : False InheritanceFlags : None PropagationFlags : None FileSystemRights : 268435456 AccessControlType : Allow IdentityReference : NT SERVICE\TrustedInstaller IsInherited : False InheritanceFlags : ContainerInherit, ObjectInherit PropagationFlags : InheritOnly FileSystemRights : FullControl AccessControlType : Allow IdentityReference : NT SERVICE\TrustedInstaller IsInherited : False InheritanceFlags : None PropagationFlags : None Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl Scan Date: 2026-01-14T12:57:35.201603 Technology Area: Web Review

CUI