V-220805
CAT IIWindows 10 must be configured to prioritize ECC Curves with longer key lengths first.
- Ships Affected
- 1
- Total Findings
- 4
- Open
- 0
- Closed
- 4
Check Text
If the following registry value does not exist or is not configured as specified, this is a finding.
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002\
Value Name: EccCurves
Value Type: REG_MULTI_SZ
Value: NistP384 NistP256
Fix Text
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> SSL Configuration Settings >> "ECC Curve Order" to "Enabled" with "ECC Curve Order:" including the following in the order listed:
NistP384
NistP256
STIG Reference
- STIG
- Microsoft Windows 10 Security Technical Implementation Guide
- Version
- 3
- Release
- 6
- Rule ID
- SV-220805r971535_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_Win10_V3R5_20251217-201218.ckl | Unassigned | 2026-03-04T15:25:42.339596 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_Win10_V3R5_20251217-203019.ckl | Unassigned | 2026-03-04T15:25:16.342077 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Win10_V3R4_20251023-141133.ckl | Unassigned | 2026-01-14T12:57:28.689048 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Win10_V3R4_20251023-142421.ckl | Unassigned | 2026-01-14T12:57:26.690022 | View in Context |