CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 8 of 8 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-224877	CAT II	MONT-VSF-004	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_WinServer2016_V2R10_20251023-143909.ckl Scan Date: 2026-01-14T12:57:30.046447 Technology Area: Windows Operating System
V-224877	CAT II	MONT-VSF-003	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_WinServer2016_V2R10_20251023-143935.ckl Scan Date: 2026-01-14T12:57:31.534241 Technology Area: Windows Operating System
V-224877	CAT II	MONT-MB-002	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_WinServer2016_V2R10_20251023-152736.ckl Scan Date: 2026-01-14T12:57:33.842838 Technology Area: Windows Operating System
V-224877	CAT II	MONT-DP-001	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_WinServer2016_V2R10_20251023-144106.ckl Scan Date: 2026-01-14T12:57:35.637816 Technology Area: Windows Operating System
V-224877	CAT II	MONT-DC-003	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_WinServer2016_V2R10_20251023-172220.ckl Scan Date: 2026-01-14T12:57:37.248886 Technology Area: Windows Operating System
V-224877	CAT II	MONT-DB-002	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_WinServer2016_V2R10_20251023-144132.ckl Scan Date: 2026-01-14T12:57:39.082634 Technology Area: Windows Operating System
V-224877	CAT II	MONT-BE-002	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_WinServer2016_V2R10_20251023-143943.ckl Scan Date: 2026-01-14T12:57:41.363810 Technology Area: Windows Operating System
V-224877	CAT II	MONT-AP-002	Microsoft Windows Server 2016 Security T...	Permissions for the Application event log must pre...		-
Check Text Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control Fix Text Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog". Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Source: _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_WinServer2016_V2R10_20251023-144214.ckl Scan Date: 2026-01-14T12:57:42.721079 Technology Area: Windows Operating System

CUI