Remote Management: Windows Remote Management (WinRM) client must not use Digest authentication

1a0eb6a5-9009-4dc3-b12f-bed65052c49d

Digest authentication is not as strong as other options and may be subject to man-in-the-middle attacks. Disallowing Digest authentication will reduce this potential.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Client
|_ Disallow Digest authentication = "Enabled"

STIG:
Server:
2022: https://www.stigviewer.com/stig/microsoft_windows_server_2022/2023-09-11/finding/V-254380
2019: https://www.stigviewer.com/stig/microsoft_windows_server_2019/2023-09-11/finding/V-205712 / https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93505
2016: https://www.stigviewer.com/stig/microsoft_windows_server_2016/2023-08-22/finding/V-224960 / https://www.stigviewer.com/stig/windows_server_2016/2020-06-16/finding/V-73597

Desktop:
W11: https://www.stigviewer.com/stig/microsoft_windows_11/2023-09-29/finding/V-253421
W10: https://www.stigviewer.com/stig/microsoft_windows_10/2023-09-29/finding/V-220868 / https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220868

Nist 800-53: CM-1, CM-2, CM-6, CM-7, CM-7(1), CM-9, SA-3, SA-8, SA-10
Nist 800-171A: 3.4.8[a]
CSCv7|: 6.5
Vul ID: V-205712
Rule ID: SV-205712r569188_rule
STIG ID: WN19-CC-000490
Severity: CAT II
Owasp Top10: A05:2021
PCI-DSS v3.2: 1.1.5
PCI-DSS v4.0: 2.1, 8.5