Skip to main content
CUI

Vulnerability V-225231

Back
Back to Ships

V-225231

CAT II

.NET must be configured to validate strong names on full-trust assemblies.

Ships Affected
2
Total Findings
13
Open
0
Closed
13

Check Text

If there is documented ISSO risk acceptance for development systems, this is not a finding. For 32 bit production systems: Use regedit to examine the “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework” key. On 64-bit production systems: Use regedit to examine both the “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework” and “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework” keys. If the "AllowStrongNameBypass" value does not exist, or if the “DWORD” value is set to “1”, this is a finding. Documentation must include a complete list of installed .Net applications, application versions, and acknowledgement that ISSO trusts each installed application. If application versions installed on the system do not match approval documentation, this is a finding.

Fix Text

For 32 bit production systems: Set “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\AllowStrongNameBypass" to a “DWORD” value of “0”. On 64-bit production systems: Set “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\ AllowStrongNameBypass” and “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\ AllowStrongNameBypass” to a “DWORD” value of “0”. Or, obtain documented ISSO risk acceptance for each .Net application installed on the system. Approval documentation will include complete list of all installed .Net applications, application versions, and acknowledgement of ISSO trust of each installed application.

STIG Reference

STIG
Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
Version
2
Release
8
Rule ID
SV-225231r961038_rule

All Occurrences

This vulnerability appears on 2 ship(s)

Ship Hull # Source File Status Assigned To Scan Date Actions
LAB BASELINES BASELINE SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb
Unassigned 2026-03-12T15:38:14.388995 View in Context
USNS MONTFORD POINT T-ESD-1 MONT-SW-89134_DotNET4_V2R7_20251217-201000.ckl
Unassigned 2026-03-04T15:25:41.864254 View in Context
USNS MONTFORD POINT T-ESD-1 MONT-SW-89108_DotNET4_V2R7_20251217-202821.ckl
Unassigned 2026-03-04T15:25:15.828600 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_DotNET4_V2R7_20251023-144010.ckl
Unassigned 2026-01-14T12:57:42.156893 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_DotNET4_V2R7_20251023-143746.ckl
Unassigned 2026-01-14T12:57:39.853926 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_DotNET4_V2R7_20251023-143930.ckl
Unassigned 2026-01-14T12:57:38.504147 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_DotNET4_V2R7_20251023-171946.ckl
Unassigned 2026-01-14T12:57:36.663331 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_DotNET4_V2R7_20251023-143731.ckl
Unassigned 2026-01-14T12:57:34.683670 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_DotNET4_V2R7_20251023-152339.ckl
Unassigned 2026-01-14T12:57:32.355929 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_DotNET4_V2R7_20251023-143732.ckl
Unassigned 2026-01-14T12:57:30.918773 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_DotNET4_V2R7_20251023-143711.ckl
Unassigned 2026-01-14T12:57:29.485524 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_DotNET4_V2R7_20251023-141005.ckl
Unassigned 2026-01-14T12:57:27.786540 View in Context
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_DotNET4_V2R7_20251023-142306.ckl
Unassigned 2026-01-14T12:57:25.530570 View in Context
CUI