V-218816
CAT IIAccess to web administration tools must be restricted to the web manager and the web managers designees.
- Ships Affected
- 2
- Total Findings
- 3
- Open
- 0
- Closed
- 3
Check Text
Right-click "InetMgr.exe", then click "Properties" from the "Context" menu.
Select the "Security" tab.
Review the groups and user names.
The following accounts may have Full control privileges:
TrustedInstaller
Web Managers
Web Manager designees
CREATOR OWNER
The following accounts may have read and execute, or read permissions:
Non Web Manager Administrators
ALL APPLICATION PACKAGES (built-in security group)
ALL RESTRICTED APPLICATION PACKAGES (built-in security group)
SYSTEM
Users
Specific users may be granted read and execute and read permissions.
Compare the local documentation authorizing specific users, against the users observed when reviewing the groups and users.
If any other access is observed, this is a finding.
Fix Text
Restrict access to the web administration tool to only the web manager and the web manager’s designees.
STIG Reference
- STIG
- Microsoft IIS 10.0 Server Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-218816r1067591_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb | Unassigned | 2026-03-12T15:38:14.420977 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl | Unassigned | 2026-01-14T12:57:35.201603 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl | Unassigned | 2026-01-14T12:57:32.874734 | View in Context |