CCE-36366-3| Platform: win2012r2 | Date: (C)2015-10-08 (M)2022-10-10 |
Allow CredSSP authentication
This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts CredSSP authentication from a remote client.
If you enable this policy setting, the WinRM service will accept CredSSP authentication from a remote client.
If you disable or do not configure this policy setting, the WinRM service will not accept CredSSP authentication from a remote client.
Parameter:
Technical Mechanism:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Remote Management (WinRM)\WinRM Service!Allow CredSSP authentication
(2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\WinRM\Service!AllowCredSSP
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : | Attack Vector: |
| Exploit Score: | Attack Complexity: |
| Impact Score: | Privileges Required: |
| Severity: | User Interaction: |
| Vector: | Scope: |
| | Confidentiality: |
| | Integrity: |
| | Availability: |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27449 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27449 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27449 |
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:27449 |
