V-218744
CAT IIMappings to unused and vulnerable scripts on the IIS 10.0 website must be removed.
- Ships Affected
- 2
- Total Findings
- 4
- Open
- 3
- Closed
- 1
Check Text
Note: If the server being reviewed is hosting SharePoint, this is not applicable.
For Handler Mappings, the ISSO must document and approve all allowable scripts the website allows (whitelist) and denies (blacklist). The whitelist and blacklist will be compared to the Handler Mappings in IIS 10.0. Handler Mappings at the site level take precedence over Handler Mappings at the server level.
Open the IIS 10.0 Manager.
Click the site name under review.
Double-click "Handler Mappings".
If any script file extensions from the blacklist are enabled, this is a finding.
Fix Text
Open the IIS 10.0 Manager.
Click the site name under review.
Double-click "Handler Mappings".
Remove any script file extensions listed on the black list that are enabled.
Select "Apply" from the "Actions" pane.
STIG Reference
- STIG
- Microsoft IIS 10.0 Site Security Technical Implementation Guide
- Version
- 2
- Release
- 15
- Rule ID
- SV-218744r1135545_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Site_Default_Web_Site_V2R14_20260305-133115.cklb | Unassigned | 2026-03-12T15:38:14.459023 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Site_Default_Web_Site_V2R12_20251023-143912.ckl | Unassigned | 2026-01-14T12:57:35.375369 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Exchange_Back_End_V2R12_20251023-152602.ckl | Unassigned | 2026-01-14T12:57:33.300070 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Default_Web_Site_V2R12_20251023-152518.ckl | Unassigned | 2026-01-14T12:57:33.098574 | View in Context |