trailofbits.yaml.ansible.wrm-cert-validation-ignore.wrm-cert-validation-ignore
trailofbits
Author
unknown
Download Count*
License
Found Windows Remote Management connection with certificate validation disabled
Run Locally
Run in CI
Defintion
rules:
- id: wrm-cert-validation-ignore
message: Found Windows Remote Management connection with certificate validation
disabled
languages:
- yaml
severity: WARNING
metadata:
category: security
cwe: "CWE-295: Improper Certificate Validation"
subcategory:
- audit
technology:
- ansible
confidence: HIGH
likelihood: HIGH
impact: HIGH
references:
- https://docs.ansible.com/ansible/latest/os_guide/windows_winrm.html#https-certificate-validation
license: AGPL-3.0 license
vulnerability_class:
- Improper Authentication
pattern: "ansible_winrm_server_cert_validation: ignore"
Examples
wrm-cert-validation-ignore.test.yaml
---
- name: Positive test
# ruleid: wrm-cert-validation-ignore
ansible_winrm_server_cert_validation: ignore
Short Link: https://sg.run/nJlP1