0ccb829b-b4e0-45eb-9ba8-82a643949d74
Unencrypted remote access to a system can allow sensitive information to be compromised. Windows remote management connections must be encrypted to prevent this.
To fix this configure the policy value for:
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Client
|_ Allow unencrypted traffic to "Disabled".
STIG:
Server 2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2022-08-25/finding/V-254382
Server 2019: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93499 / https://www.stigviewer.com/stig/microsoft_windows_server_2019/2022-03-01/finding/V-205816
Server 2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2022-03-01/finding/V-224959
Desktop:
W10: https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220866 / https://www.stigviewer.com/stig/microsoft_windows_10/2022-04-08/finding/V-220866
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2022-06-24/finding/V-253417
Nist 800-53: AC-17(2),AC-17(a),CM-6(a),IA-5(1)(c),MA-4(6),SC-12(2),SC-12(3),SC-13
CIS: 5.2.10
CIS CSC V8: 12.7
CSA CCM v4: HRS-04
PCI v3.2:12.3.8, 12.3.9
PCI v4.0:12.2.1
SRG-OS-000393-GPOS-00173, SRG-OS-000394-GPOS-00174