| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-220782 | CAT II | MONT-WS-92040 | Microsoft Windows 10 Security Technical ... | Windows 10 permissions for the Application event l... | - | |||
Check TextVerify the permissions on the Application event log (Application.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding. Fix TextEnsure the permissions on the Application event log (Application.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) ---------------------
Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Win10_V3R4_20251023-142421.ckl
Scan Date: 2026-01-14T12:57:26.690022
Technology Area: Windows Operating System
|
||||||||
| V-220782 | CAT II | MONT-WS-92010 | Microsoft Windows 10 Security Technical ... | Windows 10 permissions for the Application event l... | - | |||
Check TextVerify the permissions on the Application event log (Application.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding. Fix TextEnsure the permissions on the Application event log (Application.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-Windows10_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) ---------------------
Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Win10_V3R4_20251023-141133.ckl
Scan Date: 2026-01-14T12:57:28.689048
Technology Area: Windows Operating System
|
||||||||
| V-220782 | CAT II | MONT-SW-89108 | Microsoft Windows 10 Security Technical ... | Windows 10 permissions for the Application event l... | - | |||
Check TextVerify the permissions on the Application event log (Application.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding. Fix TextEnsure the permissions on the Application event log (Application.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) ---------------------
Source: MONT-SW-89108_Win10_V3R5_20251217-203019.ckl
Scan Date: 2026-03-04T15:25:16.342077
Technology Area: Windows Operating System
|
||||||||
| V-220782 | CAT II | MONT-SW-89134 | Microsoft Windows 10 Security Technical ... | Windows 10 permissions for the Application event l... | - | |||
Check TextVerify the permissions on the Application event log (Application.evtx). Standard user accounts or groups must not have access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. They may have been moved to another folder. If the permissions for these files are not as restrictive as the ACLs listed, this is a finding. NOTE: If "APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES" has Special Permissions, this would not be a finding. Fix TextEnsure the permissions on the Application event log (Application.evtx) are configured to prevent standard user accounts or groups from having access. The default permissions listed below satisfy this requirement. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\SYSTEM32\WINEVT\LOGS" directory. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding DetailsEvaluate-STIG 1.2510.0 (Scan-Windows10_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) ---------------------
Source: MONT-SW-89134_Win10_V3R5_20251217-201218.ckl
Scan Date: 2026-03-04T15:25:42.339596
Technology Area: Windows Operating System
|
||||||||