The Windows Remote Management (WinRM) service must not store RunAs credentials.
An XCCDF Rule
Description
Storage of administrative credentials could allow unauthorized access. Disallowing the storage of RunAs credentials for Windows Remote Management will prevent them from being used with plug-ins.
- ID
- SV-253420r1016440_rule
- Version
- WN11-CC-000355
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> "Disallow WinRM from storing RunAs credentials" to "Enabled".