Detections
Analytics
WN12-CC-000123 - The Windows Remote Management (WinRM) client must not use Basic authentication.
Warning! Audit Deprecated
This audit has been deprecated and will be removed in a future update.
View Next Audit VersionInformation
Basic authentication uses plain text passwords that could be used to compromise a system.Solution
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Windows Remote Management (WinRM) -> WinRM Client -> 'Allow Basic authentication' to 'Disabled'.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R6_STIG.zip
Item Details
References: CAT|I, CCI|CCI-000877, Rule-ID|SV-226216r877395_rule, STIG-ID|WN12-CC-000123, STIG-Legacy|SV-51752, STIG-Legacy|V-36712, Vuln-ID|V-226216
Plugin: Windows
Control ID: d841fb004b96241df3f4f351f7c1ddcda7da997ac61431b6057867fcdb66009e