V-268325
CAT IIThe Request Smuggling filter must be enabled.
- Ships Affected
- 2
- Total Findings
- 3
- Open
- 2
- Closed
- 1
Check Text
Open Registry Editor.
Navigate to "HKLM\System\CurrentControlSet\Services\HTTP\Parameters"
Verify "DisableRequestSmuggling” is set to "1".
If REG_DWORD DisableRequestSmuggling is not set to 1, this is a finding.
Fix Text
Navigate to "HKLM\System\CurrentControlSet\Services\HTTP\Parameters".
Create REG_DWORD "DisableRequestSmuggling” and set it to "1".
Note: This can be performed multiple ways; this is an example.
STIG Reference
- STIG
- Microsoft IIS 10.0 Server Security Technical Implementation Guide
- Version
- 3
- Release
- 7
- Rule ID
- SV-268325r1025163_rule
All Occurrences
This vulnerability appears on 2 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_IIS10Server_V3R6_20260305-132942.cklb | Unassigned | 2026-03-12T15:38:14.420977 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-DP-001/Checklist/MONT-DP-001_IIS10Server_V3R4_20251023-143809.ckl | Unassigned | 2026-01-14T12:57:35.201603 | View in Context | |
| USNS MONTFORD POINT | T-ESD-1 | _Reviewed/MONT-MB-002/Checklist/MONT-MB-002_IIS10Server_V3R4_20251023-152431.ckl | Unassigned | 2026-01-14T12:57:32.874734 | View in Context |