Windows Server 2022 Windows Remote Management (WinRM) service must not store RunAs credentials.

An XCCDF Rule

Details
Profiles

Description

Storage of administrative credentials could allow unauthorized access. Disallowing the storage of RunAs credentials for Windows Remote Management will prevent them from being used with plug-ins. Satisfies: SRG-OS-000373-GPOS-00156, SRG-OS-000373-GPOS-00157

ID: SV-254383r1051100_rule
Version: WN22-CC-000520
Severity: Medium
References: CCI-002038
Updated: 6 days ago

Remediation Templates

Configure the policy value for Computer Configuration >> Administrative Templates >> Windows Components >> Windows Remote Management (WinRM) >> WinRM Service >> Disallow WinRM from storing RunAs credentials to "Enabled".

Windows Server 2022 Windows Remote Management (WinRM) service must not store RunAs credentials.

Description

Remediation Templates

A Manual Procedure