Windows Server 2019 Windows Remote Management (WinRM) client must not use Basic authentication.

An XCCDF Rule

Description

Basic authentication uses plain-text passwords that could be used to compromise a system. Disabling Basic authentication will reduce this potential.

ID: SV-205711r958510_rule
Version: WN19-CC-000470
Severity: High
References: CCI-000877
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Client >> "Allow Basic authentication" to "Disabled".