PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Remote Management: Windows Remote Management (WinRM) service must not store RunAs credentials

84308839-5335-424f-bd4b-79b1c463e4d6

Storage of administrative credentials could allow unauthorized access. Disallowing the storage of RunAs credentials for Windows Remote Management will prevent them from being used with plug-ins.

Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Administrative Templates
|_ Windows Components
|_ Windows Remote Management (WinRM)
|_ WinRM Service
|_ Disallow WinRM from storing RunAs credentials to "Enabled".

Stig:
Server
2022: https://system32.eventsentry.com/stig/viewer/V-254383
2019: https://system32.eventsentry.com/stig/viewer/V-205810

Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253420
W10: https://system32.eventsentry.com/stig/viewer/V-220867

NIST 800-53 rev4: SC-7(21)
NIST 800-53 rev5: SC-7(21)
PCI DSS 4.0.1: 1.3.3
PCI DSS 4.0.1 SAQ A-EP:1.3.3
CSCv7: 14.3
CMMC v2.0 L3: TBD - 3.13.4e
SRG: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157



Tags

pci-dss-v4-desktop pci-dss-v4-server cmmc2-l3-desktop cmmc2-l3-server nist800-53-desktop nist800-53-server cis-csc-desktop cis-csc-server compliance-desktop compliance-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.