| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-254243 | CAT II | SCHR-P3-DP-001 | Microsoft Windows Server 2022 Security T... | Windows Server 2022 manually managed application a... | - | |||
Check TextDetermine if manually managed application/service accounts exist. If none exist, this is NA. If passwords for manually managed application/service accounts are not changed at least annually or when an administrator with knowledge of the password leaves the organization, this is a finding. Identify manually managed application/service accounts. To determine the date a password was last changed: Domain controllers: Open "PowerShell". Enter "Get-AdUser -Identity [application account name] -Properties PasswordLastSet | FT Name, PasswordLastSet", where [application account name] is the name of the manually managed application/service account. If the "PasswordLastSet" date is more than one year old, this is a finding. Member servers and standalone or nondomain-joined systems: Open "Command Prompt". Enter 'Net User [application account name] | Find /i "Password Last Set"', where [application account name] is the name of the manually managed application/service account. If the "Password Last Set" date is more than one year old, this is a finding. Fix TextChange passwords for manually managed application/service accounts at least annually or when an administrator with knowledge of the password leaves the organization. It is recommended that system-managed service accounts be used whenever possible. CommentsEnsured that passwords for manually managed application and service accounts are changed at least annually or immediately upon the departure of an administrator with knowledge of the password. NOT A FINDING
Source: SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb
Scan Date: 2026-03-05T13:34:36
Technology Area: Windows Operating System
|
||||||||