Vulnerability V-221563

V-221563

CAT III

Extensions that are approved for use must be allowlisted.

Ships Affected: 1
Total Findings: 4
Open: 0
Closed: 4

Check Text

Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If ExtensionInstallAllowlist is not displayed under the Policy Name column or it is not set to oiigbmnaadbkfbmpbfijlflahbdbdgdf or a list of administrator approved extension IDs, then this is a finding. Windows method: 1. Start regedit 2. Navigate to the key HKLM\Software\Policies\Google\Chrome\ExtensionInstallAllowlist 3. If the ExtensionInstallAllowlist key is not set to 1 and oiigbmnaadbkfbmpbfijlflahbdbdgdf or a list of administrator-approved extension IDs, then this is a finding.

Fix Text

Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Extensions\ Policy Name: Configure extension installation allowlist Policy State: Enabled Policy Value: oiigbmnaadbkfbmpbfijlflahbdbdgdf Note: oiigbmnaadbkfbmpbfijlflahbdbdgdfis the extension ID for scriptno (a commonly used Chrome extension), other extension IDs may vary.

STIG Reference

STIG: Google Chrome Current Windows Security Technical Implementation Guide
Version: 2
Release: 11
Rule ID: SV-221563r1015468_rule

All Occurrences

This vulnerability appears on 1 ship(s)

Ship	Hull #	Source File	Assigned To	Scan Date	Actions
USNS MONTFORD POINT	T-ESD-1	MONT-SW-89134_Chrome_V2R11_20251217-200930.ckl	Unassigned	2026-03-04T15:25:41.812659	View in Context
USNS MONTFORD POINT	T-ESD-1	MONT-SW-89108_Chrome_V2R11_20251217-202759.ckl	Unassigned	2026-03-04T15:25:15.778437	View in Context
USNS MONTFORD POINT	T-ESD-1	_Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_Chrome_V2R11_20251023-140804.ckl	Unassigned	2026-01-14T12:57:27.625294	View in Context
USNS MONTFORD POINT	T-ESD-1	_Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_Chrome_V2R11_20251023-142120.ckl	Unassigned	2026-01-14T12:57:25.338171	View in Context