WG470 W22 - Wscript.exe and Cscript.exe must only be accessible by the SA and/or the web administrator. - 'Cscript.exe'

Information

Windows Scripting Host (WSH) is installed under either a Typical or Custom installation option of a Microsoft Network Server. This technology permits the execution of powerful script files from the Windows NT command line. This technology is also classified as a Category I Mobile Code. If the access to these files is not tightly controlled, a malicious user could readily compromise the server by using a form to send input to these scripting engines.

Solution

Remove Wscript.exe and Cscript.exe files from the server, or restrict access to these files to the SA, the web administrator, and the system account.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_WIN_V1R13_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-33095r1_rule, STIG-ID|WG470_W22, Vuln-ID|V-2264

Plugin: Windows

Control ID: cfe653d6588ab69531a666bfbc81dcf7d79b63264e535a7f1eadb31f914a05ae