WN12-CC-000123 - The Windows Remote Management (WinRM) client must not use Basic authentication.
Information
Basic authentication uses plain text passwords that could be used to compromise a system.Solution
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Remote Management (WinRM) -> WinRM Client -> 'Allow Basic authentication' to 'Disabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R4_STIG.zip
Item Details
Category: MAINTENANCE
References: 800-53|MA-4c., CAT|I, CCI|CCI-000877, Rule-ID|SV-226216r794449_rule, STIG-ID|WN12-CC-000123, STIG-Legacy|SV-51752, STIG-Legacy|V-36712, Vuln-ID|V-226216
Plugin: Windows
Control ID: bacfe2d17a19d17c7005120bc642d1e6199cd44e024d1d08c2b1a6e6bfa0bc67