V-218799
CAT IIThe IIS 10.0 web server must have Web Distributed Authoring and Versioning (WebDAV) disabled.
- Ships Affected
- 2
- Total Findings
- 3
- Open
- 0
- Closed
- 3
Check Text
Open the IIS 10.0 Manager.
Click the IIS 10.0 web server name.
Review the features listed under the “IIS" section.
If the "WebDAV Authoring Rules" icon exists, this is a finding.
Fix Text
Access Server Manager on the IIS 10.0 web server.
Click the IIS 10.0 web server name.
Click on "Manage".
Select "Add Roles and Features".
Click "Next" in the "Before you begin" dialog box.
Select "Role-based or feature-based installation" on the "Installation Type" dialog box and click "Next".
Select the IIS 10.0 web server in the "Server Selection" dialog box.
From the "Windows Features" dialog box, navigate to "World Wide Web Services" >> "Common HTTP Features".
De-select "WebDAV Publishing", and click "Next" to complete removing the WebDAV Publishing feature from the IIS 10.0 web server.
STIG Reference
- STIG
- Microsoft IIS 10.0 Server Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-218799r960963_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb | Unassigned | 2026-03-12T15:38:14.420977 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl | Unassigned | 2026-01-14T12:57:35.201603 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl | Unassigned | 2026-01-14T12:57:32.874734 | View in Context |