| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-218754 | CAT II | SCHR-P3-DP-001 | Microsoft IIS 10.0 Site Security Technic... | The IIS 10.0 website must be configured to limit t... | - | |||
Check TextFollow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click on the site name. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. If the "maxAllowedContentLength" value is not explicitly set to "2147483647" or less or a length documented and approved by the ISSO, this is a finding. Fix TextFollow the procedures below for each site hosted on the IIS 10.0 web server: Open the IIS 10.0 Manager. Click the site name under review. Double-click the "Request Filtering" icon. Click "Edit Feature Settings" in the "Actions" pane. Set the "maxAllowedContentLength" value to "2147483647" or less. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-IIS10_0_Site_Checks) found this to be NOT A FINDING on 03/05/2026 Site: Default Web Site ResultHash: 61B975D8C5C29BE38FE820498269486B83933521 ~~~~~ MaxAllowedContentLength is set to '30000000'
Source: SCHR-P3-DP-001_IIS10Site_Default_Web_Site_V2R14_20260305-133115.cklb
Scan Date: 2026-03-12T15:38:14.459023
Technology Area: Web Review
|
||||||||