USNS MONTFORD POINT - Findings

Showing 12 of 12 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Doc Status
V-225230	CAT II	MONT-WS-92040	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_DotNET4_V2R7_20251023-142306.ckl Scan Date: 2026-01-14T12:57:25.530570 Technology Area: Windows Operating System
V-225230	CAT II	MONT-WS-92010	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_DotNET4_V2R7_20251023-141005.ckl Scan Date: 2026-01-14T12:57:27.786540 Technology Area: Windows Operating System
V-225230	CAT II	MONT-VSF-004	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_DotNET4_V2R7_20251023-143711.ckl Scan Date: 2026-01-14T12:57:29.485524 Technology Area: Windows Operating System
V-225230	CAT II	MONT-VSF-003	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_DotNET4_V2R7_20251023-143732.ckl Scan Date: 2026-01-14T12:57:30.918773 Technology Area: Windows Operating System
V-225230	CAT II	MONT-MB-002	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_DotNET4_V2R7_20251023-152339.ckl Scan Date: 2026-01-14T12:57:32.355929 Technology Area: Windows Operating System
V-225230	CAT II	MONT-DP-001	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_DotNET4_V2R7_20251023-143731.ckl Scan Date: 2026-01-14T12:57:34.683670 Technology Area: Windows Operating System
V-225230	CAT II	MONT-DC-003	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_DotNET4_V2R7_20251023-171946.ckl Scan Date: 2026-01-14T12:57:36.663331 Technology Area: Windows Operating System
V-225230	CAT II	MONT-DB-002	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_DotNET4_V2R7_20251023-143930.ckl Scan Date: 2026-01-14T12:57:38.504147 Technology Area: Windows Operating System
V-225230	CAT II	MONT-BE-002	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_DotNET4_V2R7_20251023-143746.ckl Scan Date: 2026-01-14T12:57:39.853926 Technology Area: Windows Operating System
V-225230	CAT II	MONT-AP-002	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2507.5 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_DotNET4_V2R7_20251023-144010.ckl Scan Date: 2026-01-14T12:57:42.156893 Technology Area: Windows Operating System
V-225230	CAT II	MONT-SW-89108	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2510.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: MONT-SW-89108_DotNET4_V2R7_20251217-202821.ckl Scan Date: 2026-03-04T15:25:15.828600 Technology Area: Windows Operating System
V-225230	CAT II	MONT-SW-89134	Microsoft DotNet Framework 4.0 Security ...	The .NET CLR must be configured to use FIPS approv...	-
Check Text Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> By default, the .NET "enforceFIPSPolicy" element is set to "true". If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding. If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding. Fix Text Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element. Example: <configuration> <runtime> <enforceFIPSPolicy enabled="true\|false" /> </runtime> </configuration> Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting. Finding Details Evaluate-STIG 1.2510.0 (Scan-NETFramework4_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 665ECD2BE03F9086D5C3B003C3B3238D2C474D25 ~~~~~ No machine.config or *.exe.config files found with 'enforceFIPSPolicy enabled=false'. Source: MONT-SW-89134_DotNET4_V2R7_20251217-201000.ckl Scan Date: 2026-03-04T15:25:41.864254 Technology Area: Windows Operating System

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details

Check Text

Fix Text

Finding Details