Announcing Incident Command! The AI powered Next-Gen SIEMLearn more.

vulnerability

Scanning Diagnostics: Unable to contact the WinRM Listener

Severity
1
CVSS
(AV:L/AC:H/Au:M/C:N/I:N/A:N)
Published
Nov 2, 2021
Added
Nov 2, 2021
Modified
Nov 2, 2021

Description


The following information is for Scan Diagnostic purposes only, and is not indicative of a detected vulnerability.




The scanning user encountered an error when connecting to the WinRM Service. The WinRM port was discovered but access via WinRM was not successful.

This can be caused by a number of issues:


  • Another service is running on port 5986

  • The WinRM HTTPS Listener is not configured to accept connections from the Scan Engine IP





WinRM access is required for accurate Windows Policy assessments, it is used to collect information on hardening compliance, amongst other Windows configuration data.

Solution

rapid7-diagnostics-winrm-listener-error

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.