| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-224841 | CAT II | MONT-VSF-004 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_WinServer2016_V2R10_20251023-143909.ckl
Scan Date: 2026-01-14T12:57:30.046447
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-VSF-003 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_WinServer2016_V2R10_20251023-143935.ckl
Scan Date: 2026-01-14T12:57:31.534241
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-MB-002 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: F302F3BFDE7B2B329AD1AFE97E8A74F69D634011 ~~~~~ The following non-system-created shares have been identified. Verify permissions for each is appropriate: Name: address (E:\ExchangeV15\Mailbox\address) Path: E:\ExchangeV15\Mailbox\address --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\montford.exchange File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: NT AUTHORITY\Authenticated Users File System Rights: Read, Synchronize Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: None Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Name: CertificateRequests (C:\CertificateRequests) Path: C:\CertificateRequests --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: CreateFiles Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: ReadAndExecute, Synchronize Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: AppendData Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: CREATOR OWNER File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: InheritOnly Identity Reference: MONTFORD-POINT\montford.exchange File System Rights: FullControl Inheritance Flags: None Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None
Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_WinServer2016_V2R10_20251023-152736.ckl
Scan Date: 2026-01-14T12:57:33.842838
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-DP-001 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_WinServer2016_V2R10_20251023-144106.ckl
Scan Date: 2026-01-14T12:57:35.637816
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-DC-003 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServer2016_V2R10_20251023-172220.ckl
Scan Date: 2026-01-14T12:57:37.248886
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-DB-002 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_WinServer2016_V2R10_20251023-144132.ckl
Scan Date: 2026-01-14T12:57:39.082634
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-BE-002 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT APPLICABLE on 10/23/2025 ResultHash: FE6E08BCA44D55D33AD47289B0481DA21EA7058A ~~~~~ Only system-created shares exist on this system so this requirement is NA.
Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_WinServer2016_V2R10_20251023-143943.ckl
Scan Date: 2026-01-14T12:57:41.363810
Technology Area: Windows Operating System
|
||||||||
| V-224841 | CAT II | MONT-AP-002 | Microsoft Windows Server 2016 Security T... | Non-system-created file shares on a system must li... | - | |||
Check TextIf only system-created shares such as "ADMIN$", "C$", and "IPC$" exist on the system, this is NA. (System-created shares will display a message that it has been shared for administrative purposes when "Properties" is selected.) Run "Computer Management". Navigate to System Tools >> Shared Folders >> Shares. Right-click any non-system-created shares. Select "Properties". Select the "Share Permissions" tab. If the file shares have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Select the "Security" tab. If the permissions have not been configured to restrict permissions to the specific groups or accounts that require access, this is a finding. Fix TextIf a non-system-created share is required on a system, configure the share and NTFS permissions to limit access to the specific groups or accounts that require it. Remove any unnecessary non-system-created shares. Finding DetailsEvaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) was unable to determine a Status but found the below configuration on 10/23/2025: ResultHash: F915C7251A4E90CA60C449A93F6E7915DDC9F180 ~~~~~ The following non-system-created shares have been identified. Verify permissions for each is appropriate: Name: Common (E:\Common) Path: E:\Common --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: Everyone File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\D.Admin File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\Joshua.J.Jordan File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\MONTFORD-POINT CHENG-1-1860720990 File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\MONTFORD-POINT CHMATE-1915368927 File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\MONTFORD-POINT MASTER-1-1408640001 File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\MONTFORD-POINT RADIO-1-199284185 File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\Ryan.W.Arnold File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\S.Admin File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\Steven.Corachan File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: MONTFORD-POINT\Thomas.C.Kozarski File System Rights: ReadAndExecute, Synchronize Inheritance Flags: None Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Name: CRL (E:\CRL) Path: E:\CRL --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: ReadAndExecute, Synchronize Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: AppendData Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: CreateFiles Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: CREATOR OWNER File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: InheritOnly Identity Reference: MONTFORD-POINT\D.Admin File System Rights: FullControl Inheritance Flags: None Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Name: Profiles (E:\Profiles) Path: E:\Profiles --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: Everyone File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\D.Admin File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Name: Users (E:\Users) Path: E:\Users --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: Everyone File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: MONTFORD-POINT\D.Admin File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Name: Vol1 (E:\Vol1) Path: E:\Vol1 --------------------------------------------- Identity Reference: BUILTIN\Administrators File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: ReadAndExecute, Synchronize Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: AppendData Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: BUILTIN\Users File System Rights: CreateFiles Inheritance Flags: ContainerInherit Propagation Flags: None Identity Reference: CREATOR OWNER File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: InheritOnly Identity Reference: MONTFORD-POINT\D.Admin File System Rights: FullControl Inheritance Flags: None Propagation Flags: None Identity Reference: NT AUTHORITY\SYSTEM File System Rights: FullControl Inheritance Flags: ContainerInherit, ObjectInherit Propagation Flags: None CommentsDocumentation
Source: _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_WinServer2016_V2R10_20251023-144214.ckl
Scan Date: 2026-01-14T12:57:42.721079
Technology Area: Windows Operating System
|
||||||||