| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-254371 | CAT II | SCHR-P3-DP-001 | Microsoft Windows Server 2022 Security T... | Windows Server 2022 must disable Basic authenticat... | - | |||
Check TextThe default behavior is for the Windows RSS platform to not use Basic authentication over HTTP connections. If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0", this is not a finding. If it exists and is configured with a value of "1", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\ Value Name: AllowBasicAuthInClear Value Type: REG_DWORD Value: 0x00000000 (0) (or if the Value Name does not exist) Fix TextThe default behavior is for the Windows RSS platform to not use Basic authentication over HTTP connections. If this needs to be corrected, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> RSS Feeds >> Turn on Basic feed authentication over HTTP to "Not Configured" or "Disabled". Finding DetailsEvaluate-STIG 1.2601.0 (Scan-WindowsServer2022_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: DBE3AE0F4C497C7AEAE60DED97155CCE2444E026 ~~~~~ 'Turn on Basic feed authentication over HTTP' is Not Configured or Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds\ Value Name: AllowBasicAuthInClear Value: 0x00000000 (0) Type: REG_DWORD
Source: SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb
Scan Date: 2026-03-05T13:34:36
Technology Area: Windows Operating System
|
||||||||