Showing 1 of 1 findings
(filtered)
| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-268325 | CAT II | SCHR-P3-DP-001 | Microsoft IIS 10.0 Server Security Techn... | The Request Smuggling filter must be enabled. | - | |||
Check TextOpen Registry Editor. Navigate to "HKLM\System\CurrentControlSet\Services\HTTP\Parameters" Verify "DisableRequestSmuggling” is set to "1". If REG_DWORD DisableRequestSmuggling is not set to 1, this is a finding. Fix TextNavigate to "HKLM\System\CurrentControlSet\Services\HTTP\Parameters". Create REG_DWORD "DisableRequestSmuggling” and set it to "1". Note: This can be performed multiple ways; this is an example. Finding DetailsEvaluate-STIG 1.2601.0 (Scan-IIS10_0_Server_Checks) found this to be NOT A FINDING on 03/05/2026 ResultHash: 9C13D4E19413A0316E06B6FA6D701ADB52DBB1C6 ~~~~~ Registry Path: HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters Value Name: DisableRequestSmuggling Value: 0x00000001 (1) Type: REG_DWORD
Source: SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb
Scan Date: 2026-03-12T15:38:14.420977
Technology Area: Web Review
|
||||||||