PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Remote Management: Windows Remote Management (WinRM) service must not use Basic authentication

4edbaac6-37f7-4a8f-a4d1-d5dd241d1c6d

Basic authentication uses plain-text passwords that could be used to compromise a system. Disabling Basic authentication will reduce this potential.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Service
|_ Allow Basic authentication to "Disabled".

STIG
Server
2022: https://stigviewer.com/stig/microsoft_windows_server_2022/2024-06-14/finding/V-254381
2019: https://stigviewer.com/stig/microsoft_windows_server_2019/2024-06-14/finding/V-205713

Desktop
W11: https://stigviewer.com/stigs/microsoft_windows_11/2024-06-10/finding/V-253418
W10: https://stigviewer.com/stigs/microsoft_windows_10/2024-06-13/finding/V-220865

NIST 800-53: MA-4c.
NIST 800-171 Rev 2: 3.7.5
NIST 800-171 Rev 3 FPD: 3.1.12.d 3.7.5.a 3.7.5.b 3.7.5.c
NIST 800-171A: 3.7.5[a] 3.7.5[b]
NIST 800-171 Rev IPD:: A.03.07.05.a[01] A.03.07.05.a[02] A.03.07.05.b A.03.07.05.c[01] A.03.07.05.c[02]
CMMC v2 L2: MA.L2-3.7.5
CMMC v2.1 L2: MA.L2-3.7.5
CAT: I
CCI: CCI-000877



Tags

compliance-desktop compliance-server stig-high-server desktop server security-server security-desktop stig-high-desktop nist800-171-desktop nist800-171-server nist800-53-desktop nist800-53-server cmmc2-l2-desktop cmmc2-l2-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.