V-254255
CAT IIIWindows Server 2022 nonadministrative accounts or groups must only have print permissions on printer shares.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 0
Check Text
Open "Printers & scanners" in "Settings".
If there are no printers configured, this is NA. (Exclude Microsoft Print to PDF and Microsoft XPS Document Writer, which do not support sharing.)
For each printer:
Select the printer and "Manage".
Select "Printer Properties".
Select the "Sharing" tab.
If "Share this printer" is checked, select the "Security" tab.
If any standard user accounts or groups have permissions other than "Print", this is a finding.
The default is for the "Everyone" group to be given "Print" permission.
"All APPLICATION PACKAGES" and "CREATOR OWNER" are not standard user accounts.
Fix Text
Configure the permissions on shared printers to restrict standard users to only have Print permissions.
STIG Reference
- STIG
- Microsoft Windows Server 2022 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-254255r1137691_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb | Unassigned | 2026-03-05T13:34:36 | View in Context |