Windows Server 2019 must prevent NTLM from falling back to a Null session.

An XCCDF Rule

Description

NTLM sessions that are allowed to fall back to Null (unauthenticated) sessions may gain unauthorized access.

ID: SV-205917r991589_rule
Version: WN19-SO-000270
Severity: Medium
References: CCI-000366
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network security: Allow LocalSystem NULL session fallback" to "Disabled".