PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Remote Management: Windows Remote Management (WinRM) client must not allow unencrypted traffic

0ccb829b-b4e0-45eb-9ba8-82a643949d74

Unencrypted remote access to a system can allow sensitive information to be compromised. Windows remote management connections must be encrypted to prevent this.

Remediation

To fix this configure the policy value for:
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Client
|_ Allow unencrypted traffic to "Disabled".

STIG:
Server
2022: https://stigviewer.com/stigs/microsoft_windows_server_2022/2022-08-25/finding/V-254382
2019: https://stigviewer.com/stigs/microsoft_windows_server_2019/2025-01-15/finding/V-205817

Desktop:
W11: https://stigviewer.com/stigs/microsoft_windows_11/2022-06-24/finding/V-253417
W10: https://stigviewer.com/stigs/microsoft_windows_10/2022-04-08/finding/V-220866

Nist 800-53: AC-17(2),AC-17(a),CM-6(a),IA-5(1)(c),MA-4(6),SC-12(2),SC-12(3),SC-13
CIS: 5.2.10
CIS CSC V8: 12.7
CSA CCM v4: HRS-04
PCI v3.2:12.3.8, 12.3.9
PCI v4.0:12.2.1

SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174



Tags

stig-medium-server stig-medium-desktop desktop compliance-server compliance-desktop server security-desktop security-server nist800-53-desktop nist800-53-server pci-dss-v4-desktop pci-dss-v4-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.