V-218771
CAT IIThe IIS 10.0 website must have a unique application pool.
- Ships Affected
- 2
- Total Findings
- 4
- Open
- 0
- Closed
- 2
Check Text
Note: If the IIS Application Pool is hosting Microsoft SharePoint, this is not applicable.
Note: If the IIS 10.0 installation is supporting Microsoft Exchange and is not otherwise hosting any content, this requirement is not applicable.
Open the IIS 10.0 Manager.
Click "Application Pools".
In the list of Application Pools, right-click any Application Pool, and select View Applications.
Remove the filter using the prompt.
Compare the Site and Application Pool columns. If any Application Pools are being used for more than one Site, this is a finding.
Fix Text
Open the IIS 10.0 Manager.
Click the site name under review.
Assign a unique application pool to each website.
STIG Reference
- STIG
- Microsoft IIS 10.0 Site Security Technical Implementation Guide
- Version
- 2
- Release
- 15
- Rule ID
- SV-218771r1192784_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Site_Default_Web_Site_V2R14_20260305-133115.cklb | Unassigned | 2026-03-12T15:38:14.459023 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Site_Default_Web_Site_V2R12_20251023-143912.ckl | Unassigned | 2026-01-14T12:57:35.375369 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Exchange_Back_End_V2R12_20251023-152602.ckl | Unassigned | 2026-01-14T12:57:33.300070 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Site_Default_Web_Site_V2R12_20251023-152518.ckl | Unassigned | 2026-01-14T12:57:33.098574 | View in Context |