V-225236
CAT IISoftware utilizing .Net 4.0 must be identified and relevant access controls configured.
- Ships Affected
- 2
- Total Findings
- 13
- Open
- 1
- Closed
- 12
Check Text
This requirement does not apply to the "caspol.exe" assembly or other assemblies provided with the Windows OS or the Windows Secure Host Baseline (SHB).
Ask the system administrator to provide documentation that identifies:
- Each .Net 4.0 application run on the system.
- The .Net runtime host that invokes the application.
- The security measures employed to control application access to system resources or user access to application.
For additional insight run: tasklist /fi "modules eq mscoree.dll"
If all .Net applications, runtime hosts and security protections have been documented or if there are no .Net 4.0 applications existing on the system, this is not a finding.
If there is no documentation that identifies the existence of .NET 4.0 applications or the lack thereof, this is a finding.
If the runtime hosts have not been identified, this is a finding.
If the security protections have not been identified, this is a finding.
Fix Text
Document the existence of all .Net 4.0 applications that are not provided by the host Windows OS or the Windows Secure Host Baseline (SHB).
Document the corresponding runtime hosts that are used to invoke the applications.
Document the applications security control requirements (restricting application access to resources or user access to the application).
STIG Reference
- STIG
- Microsoft DotNet Framework 4.0 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-225236r1117179_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_DotNET4_V2R7_20260305-132722.cklb | Unassigned | 2026-03-12T15:38:14.388995 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89134_DotNET4_V2R7_20251217-201000.ckl | Unassigned | 2026-03-04T15:25:41.864254 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | MONT-SW-89108_DotNET4_V2R7_20251217-202821.ckl | Unassigned | 2026-03-04T15:25:15.828600 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-AP-002/Checklist/MONT-AP-002_DotNET4_V2R7_20251023-144010.ckl | Unassigned | 2026-01-14T12:57:42.156893 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-BE-002/Checklist/MONT-BE-002_DotNET4_V2R7_20251023-143746.ckl | Unassigned | 2026-01-14T12:57:39.853926 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DB-002/Checklist/MONT-DB-002_DotNET4_V2R7_20251023-143930.ckl | Unassigned | 2026-01-14T12:57:38.504147 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_DotNET4_V2R7_20251023-171946.ckl | Unassigned | 2026-01-14T12:57:36.663331 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_DotNET4_V2R7_20251023-143731.ckl | Unassigned | 2026-01-14T12:57:34.683670 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_DotNET4_V2R7_20251023-152339.ckl | Unassigned | 2026-01-14T12:57:32.355929 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-VSF-003/Checklist/MONT-VSF-003_DotNET4_V2R7_20251023-143732.ckl | Unassigned | 2026-01-14T12:57:30.918773 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-VSF-004/Checklist/MONT-VSF-004_DotNET4_V2R7_20251023-143711.ckl | Unassigned | 2026-01-14T12:57:29.485524 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92010/Checklist/MONT-WS-92010_DotNET4_V2R7_20251023-141005.ckl | Unassigned | 2026-01-14T12:57:27.786540 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-WS-92040/Checklist/MONT-WS-92040_DotNET4_V2R7_20251023-142306.ckl | Unassigned | 2026-01-14T12:57:25.530570 | View in Context |