| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-218816 | CAT II | SCHR-P3-DP-001 | Microsoft IIS 10.0 Server Security Techn... | Access to web administration tools must be restric... | - | |||
Check TextRight-click "InetMgr.exe", then click "Properties" from the "Context" menu. Select the "Security" tab. Review the groups and user names. The following accounts may have Full control privileges: TrustedInstaller Web Managers Web Manager designees CREATOR OWNER The following accounts may have read and execute, or read permissions: Non Web Manager Administrators ALL APPLICATION PACKAGES (built-in security group) ALL RESTRICTED APPLICATION PACKAGES (built-in security group) SYSTEM Users Specific users may be granted read and execute and read permissions. Compare the local documentation authorizing specific users, against the users observed when reviewing the groups and users. If any other access is observed, this is a finding. Fix TextRestrict access to the web administration tool to only the web manager and the web manager’s designees. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-IIS10_0_Server_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: C7672C2E607627099A46E345AF4C5CCB919F07F7 ~~~~~ Path: C:\WINDOWS\system32\inetsrv\Inetmgr.exe OverallState: More restrictive than Expected Compliance: Compliant Unexpected rules... --------------------- State: MoreRestrictive Compliant: True Identity: CREATOR OWNER Type: N/A Basic: N/A Expected: FullControl Advanced: Expected: AppendData, ChangePermissions, CreateDirectories, CreateFiles, Delete, DeleteSubdirectoriesAndFiles, ExecuteFile, ListDirectory, ReadAttributes, ReadData, ReadExtendedAttributes, ReadPermissions, TakeOwnership, Traverse, WriteAttributes, WriteData, WriteExtendedAttributes Inherited: N/A AppliesTo: N/A Summary: Missing Rule: An expected rule with rights 'FullControl' was not found on the system. ---------------------
Source: SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb
Scan Date: 2026-03-12T15:38:14.420977
Technology Area: Web Review
|
||||||||