WG210 W22 - Web content directories must not be anonymously shared.

Information

Sharing of web server content is a security risk when a web server is involved. Users accessing the share anonymously could experience privileged access to the content of such directories. Network sharable directories expose those directories and their contents to unnecessary access. Any unnecessary exposure increases the risk that someone could exploit that access and either compromises the web content or cause web server performance problems.

Solution

Remove the shares from the applicable directories.

See Also

https://iasecontent.disa.mil/stigs/zip/U_Apache_2-2_WIN_V1R13_STIG.zip

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6, CAT|II, Rule-ID|SV-33109r2_rule, STIG-ID|WG210_W22, Vuln-ID|V-2226

Plugin: Windows

Control ID: 82c55e428673d3aed0312d7903290c72989511267405eff02a5197c8107b314c