Detections
Analytics

1.173 WN10-CC-000350

Information

The Windows Remote Management (WinRM) service must not allow unencrypted traffic.

GROUP ID: V-220866RULE ID: SV-220866r958848

Unencrypted remote access to a system can allow sensitive information to be compromised. Windows remote management connections must be encrypted to prevent this.

Solution

Configure the policy value for

Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> 'Allow unencrypted traffic'

to 'Disabled'.

See Also

https://workbench.cisecurity.org/benchmarks/23869

Item Details

Category: MAINTENANCE

References: 800-53|MA-4(6), CCI|CCI-002890, CCI|CCI-003123, Rule-ID|SV-220866r958848_rule, STIG-ID|WN10-CC-000350, Vuln-ID|V-220866

Plugin: Windows

Control ID: 5aea6d9a721ebbe9836fa4f154ddb2a81163a5f578acf7ff068f4de9a94162df