e4dd3ff4-f585-4e08-b91e-8bb3e02737c5
Basic authentication uses plain-text passwords that could be used to compromise a system. Disabling Basic authentication will reduce this potential.
To fix this, configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Client
|_ Allow Basic authentication to "Disabled".
STIG: Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254378
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2022-03-01/finding/V-205711 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93503
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-224958 / stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73593
Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253416
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2022-04-08/finding/V-220862 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220862
NIST 800-53: MA-4c.
NIST 800-171 Rev 2: 3.7.5
NIST 800-171 Rev 3 FPD: 3.1.12.d 3.7.5.a 3.7.5.b 3.7.5.c
NIST 800-171A: 3.7.5[a] 3.7.5[b]
NIST 800-171 Rev IPD:: A.03.07.05.a[01] A.03.07.05.a[02] A.03.07.05.b A.03.07.05.c[01] A.03.07.05.c[02]
CMMC v2 L2: MA.L2-3.7.5
CMMC v2.1 L2: MA.L2-3.7.5
CAT: I
CCI: CCI-000877
Rule-ID: SV-220862r877395_rule
STIG-ID: WN10-CC-000330
STIG-Legacy: SV-77825
STIG-Legacy: V-63335
Vuln-ID: V-220862