Showing 1 unique vulnerabilities (1 total)
(filtered)
View Documentation Status (90 tracked)
1 asset
1 Open
Microsoft Exchange 2...
| Hostname | IP Address | Status | Assigned To | Last Scan | Actions |
|---|---|---|---|---|---|
| MONT-MB-002 | 164.231.187.36 | 2026-01-14 | |||
Finding DetailsEvaluate-STIG 1.2507.5 (Scan-MSExchange2016MB_Checks) found this to be OPEN on 10/23/2025 ResultHash: 4EA59F616166BD941B5943C6CD5AE4C5B913F7ED ~~~~~ MONT-MB-002 FormsAuthentication: True [Expected False] Comments |
|||||
Check Text
Open the Exchange Management Shell and enter the following command: Get-OwaVirtualDirectory | Select ServerName, Name, Identity, FormsAuthentication If the value of "FormsAuthentication" is not set to "False", this is a finding.
Fix Text
Open the Exchange Management Shell and enter the following command: Set-OwaVirtualDirectory -Identity <'IdentityName'> -FormsAuthentication $false Note: <IdentityName> must be in single quotes. Example for the Identity Name: <ServerName>\owa (Default website) Restart the ISS service.