Remote Management: Windows Remote Management (WinRM) client must not use Basic authentication

e4dd3ff4-f585-4e08-b91e-8bb3e02737c5

Basic authentication uses plain-text passwords that could be used to compromise a system. Disabling Basic authentication will reduce this potential.

Remediation

To fix this, configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> "Allow Basic authentication" to "Disabled".

STIG; Server: https://www.stigviewer.com/stig/windows_server_2019/2020-06-15/finding/V-93503
Desktop: https://www.stigviewer.com/stig/windows_10/2021-08-18/finding/V-220862

compliance-desktop

compliance-server

stig-high-server

desktop

server

security-server

security-desktop

stig-high-desktop

Knowledge Base
Documentation
Tutorials
Screencasts
Validation Scripts
Support Center