| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-218817 | CAT II | SCHR-P3-DP-001 | Microsoft IIS 10.0 Server Security Techn... | The IIS 10.0 web server must not be running on a s... | - | |||
Check TextReview programs installed on the OS. Open Control Panel. Open Programs and Features. The following programs may be installed without any additional documentation: Administration Pack for IIS IIS Search Engine Optimization Toolkit Microsoft .NET Framework version 3.5 SP1 or greater Microsoft Web Platform Installer version 3.x or greater Virtual Machine Additions Review the installed programs, if any programs are installed other than those listed above, this is a finding. Note: If additional software is needed and has supporting documentation signed by the ISSO, this is not a finding. Fix TextRemove all unapproved programs and roles from the production web server. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-IIS10_0_Server_Checks) was unable to determine a Status but found the below configuration on 03/05/2026: ResultHash: 909864146B7EF18AC7E6CCAEB573BFB88320271A ~~~~~ Software installed on this system: ActivID ActivClient x64 Axway Desktop Validator CRLAutoCache DoD Secure Host Baseline Server InstallRoot Microsoft Edge Microsoft NetBanner Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130 Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33130 STIG Viewer 3 (Machine) Veritas Backup Exec Remote Agent for Windows WinZip 23.0 CommentsEnabled and enforced TLS 1.2 or higher in IIS 10.0 to ensure secure encrypted communication and protect against vulnerabilities in outdated protocols. This is Not a Finding
Source: SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb
Scan Date: 2026-03-12T15:38:14.420977
Technology Area: Web Review
|
||||||||