V-218817
CAT IIThe IIS 10.0 web server must not be running on a system providing any other role.
- Ships Affected
- 2
- Total Findings
- 3
- Open
- 2
- Closed
- 1
Check Text
Review programs installed on the OS.
Open Control Panel.
Open Programs and Features.
The following programs may be installed without any additional documentation:
Administration Pack for IIS
IIS Search Engine Optimization Toolkit
Microsoft .NET Framework version 3.5 SP1 or greater
Microsoft Web Platform Installer version 3.x or greater
Virtual Machine Additions
Review the installed programs, if any programs are installed other than those listed above, this is a finding.
Note: If additional software is needed and has supporting documentation signed by the ISSO, this is not a finding.
Fix Text
Remove all unapproved programs and roles from the production web server.
STIG Reference
- STIG
- Microsoft IIS 10.0 Server Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-218817r961470_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb | Unassigned | 2026-03-12T15:38:14.420977 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl | Unassigned | 2026-01-14T12:57:35.201603 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl | Unassigned | 2026-01-14T12:57:32.874734 | View in Context |