Disabling email forms running in Restricted Security Level must be configured.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17657	DTOO171 - InfoPath	SV-33636r1_rule		Medium

Description
InfoPath forms running with the restricted security level, can only access data stored on the forms. However, a malicious user could still send an e-mail form running with the restricted security level, in an attempt to access sensitive information provided by users. By default InfoPath e-mail forms running with the restricted security level can be opened.

STIG	Date
Microsoft InfoPath 2010 STIG	2018-04-03

Details

Check Text ( C-34100r1_chk )
The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> InfoPath e-mail forms “Disable e-mail forms running in restricted security level” must be set to “Enabled”. Procedure: Use the Windows Registry Editor to navigate to the following key: HKCU\Software\Policies\Microsoft\Office\14.0\infopath\security Criteria: If the value EnableRestrictedEMailForms is REG_DWORD = 0, this is not a finding.

Check Text ( C-34100r1_chk )

The policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> InfoPath e-mail forms “Disable e-mail forms running in restricted security level” must be set to “Enabled”.

Procedure: Use the Windows Registry Editor to navigate to the following key:

HKCU\Software\Policies\Microsoft\Office\14.0\infopath\security

Criteria: If the value EnableRestrictedEMailForms is REG_DWORD = 0, this is not a finding.

Fix Text (F-29779r1_fix)
Set the policy value for User Configuration -> Administrative Templates -> Microsoft InfoPath 2010 -> InfoPath e-mail forms “Disable e-mail forms running in restricted security level” to “Enabled”.