CUI

USNS MONTFORD POINT - Findings

Back to Ship Export CSV Download POA&M

Showing 4 of 4 findings (filtered) View Documentation Status (90 tracked)

Vuln ID	Severity	Asset	STIG	Title	Status	Doc Status	Assigned To	Actions
V-251553	CAT II	MONT-WS-92040	Mozilla Firefox Security Technical Imple...	Firefox must be configured to block pop-up windows...		-
Check Text Type "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix Text Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding Details Evaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be OPEN on 10/23/2025 ResultHash: D7E7F097AAE9B8E85E5D5E6C0ED9A8811FB0F349 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is NOT Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked (Not found) ----------------------------------------------------------------------- Source: _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Firefox_V6R6_20251023-142444.ckl Scan Date: 2026-01-14T12:57:25.596878 Technology Area: Windows Operating System
V-251553	CAT II	MONT-WS-92010	Mozilla Firefox Security Technical Imple...	Firefox must be configured to block pop-up windows...		-
Check Text Type "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix Text Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding Details Evaluate-STIG 1.2507.5 (Scan-MozillaFirefox_Checks) found this to be OPEN on 10/23/2025 ResultHash: D7E7F097AAE9B8E85E5D5E6C0ED9A8811FB0F349 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is NOT Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked (Not found) ----------------------------------------------------------------------- Source: _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Firefox_V6R6_20251023-141154.ckl Scan Date: 2026-01-14T12:57:27.870047 Technology Area: Windows Operating System
V-251553	CAT II	MONT-SW-89108	Mozilla Firefox Security Technical Imple...	Firefox must be configured to block pop-up windows...		-
Check Text Type "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix Text Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding Details Evaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 79D13E0D5E08D476288AC1ACC76FD0D293699304 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- Source: MONT-SW-89108_Firefox_V6R6_20251217-203042.ckl Scan Date: 2026-03-04T15:25:15.868210 Technology Area: Windows Operating System
V-251553	CAT II	MONT-SW-89134	Mozilla Firefox Security Technical Imple...	Firefox must be configured to block pop-up windows...		-
Check Text Type "about:policies" in the browser address bar. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Default" "true", this is a finding. If "PopupBlocking" is not displayed under Policy Name or the Policy Value is not "Locked" "true", this is a finding. "PopupBlocking" "Enabled" may be used to specify an allowlist of sites where pop-ups are desired, this is optional. Fix Text Windows group policy: 1. Open the group policy editor tool with "gpedit.msc". 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Mozilla\Firefox\Popups Policy Name: Block pop-ups from websites Policy State: Enabled Policy Name: Do not allow preferences to be changed Policy State: Enabled Optional: Policy Name: Allowed Sites Policy State: Enabled Click "Show..." and enter a list of websites to be allowlisted. macOS "plist" file: Add the following: <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>http://example.mil</string> <string>http://example.gov</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> Linux "policies.json" file: Add the following in the policies section: "PopupBlocking": { "Allow": ["http://example.mil/", "http://example.gov/"], "Default": true, "Locked": true} Finding Details Evaluate-STIG 1.2510.0 (Scan-MozillaFirefox_Checks) found this to be NOT A FINDING on 12/17/2025 ResultHash: 79D13E0D5E08D476288AC1ACC76FD0D293699304 ~~~~~ 'Block pop-ups from websites' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Default Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- 'Do not allow preferences to be changed' is Enabled Path: HKLM:\SOFTWARE\Policies\Mozilla\Firefox\PopupBlocking Name: Locked Value: 0x00000001 (1) Type: REG_DWORD ----------------------------------------------------------------------- Source: MONT-SW-89134_Firefox_V6R6_20251217-201244.ckl Scan Date: 2026-03-04T15:25:41.899130 Technology Area: Windows Operating System

CUI