V-225230
CAT IIThe .NET CLR must be configured to use FIPS approved encryption modules.
- Ships Affected
- 2
- Total Findings
- 13
- Open
- 0
- Closed
- 13
Check Text
Examine the .NET CLR configuration files from the vulnerability discussion to find the runtime element and then the "enforceFIPSPolicy" element.
Example:
<configuration>
<runtime>
<enforceFIPSPolicy enabled="true|false" />
</runtime>
</configuration>
By default, the .NET "enforceFIPSPolicy" element is set to "true".
If the "enforceFIPSPolicy" element does not exist within the "runtime" element of the CLR configuration, this is not a finding.
If the "enforceFIPSPolicy" element exists and is set to "false", and the IAO has not accepted the risk and documented the risk acceptance, this is a finding.
Fix Text
Examine the .NET CLR configuration files to find the runtime element and then the "enforceFIPSPolicy" element.
Example:
<configuration>
<runtime>
<enforceFIPSPolicy enabled="true|false" />
</runtime>
</configuration>
Delete the "enforceFIPSPolicy" runtime element, change the setting to "true" or there must be documented IAO approvals for the FIPS setting.
STIG Reference
- STIG
- Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-225230r1117185_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb | Unassigned | 2026-03-12T15:38:14.388995 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_DotNET4_V2R7_20251217-201000.ckl | Unassigned | 2026-03-04T15:25:41.864254 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_DotNET4_V2R7_20251217-202821.ckl | Unassigned | 2026-03-04T15:25:15.828600 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_DotNET4_V2R7_20251023-144010.ckl | Unassigned | 2026-01-14T12:57:42.156893 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_DotNET4_V2R7_20251023-143746.ckl | Unassigned | 2026-01-14T12:57:39.853926 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_DotNET4_V2R7_20251023-143930.ckl | Unassigned | 2026-01-14T12:57:38.504147 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_DotNET4_V2R7_20251023-171946.ckl | Unassigned | 2026-01-14T12:57:36.663331 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_DotNET4_V2R7_20251023-143731.ckl | Unassigned | 2026-01-14T12:57:34.683670 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_DotNET4_V2R7_20251023-152339.ckl | Unassigned | 2026-01-14T12:57:32.355929 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_DotNET4_V2R7_20251023-143732.ckl | Unassigned | 2026-01-14T12:57:30.918773 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_DotNET4_V2R7_20251023-143711.ckl | Unassigned | 2026-01-14T12:57:29.485524 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_DotNET4_V2R7_20251023-141005.ckl | Unassigned | 2026-01-14T12:57:27.786540 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_DotNET4_V2R7_20251023-142306.ckl | Unassigned | 2026-01-14T12:57:25.530570 | View in Context |