Anonymous users are users or services that access resources over a network connection without a user name, domain and password. User rights can provide system, administrative, and other high-level privileges to modify critical system settings and functionalities. User rights must be disabled to anonymous accounts to improve security.
Severity
Critical
Category
Account Privilege Management
Resolution
Follow the below steps to resolve the misconfiguration.
Step 1: Open RUN
Step 2: Type in "gpedit.msc"
Step 3: Navigate to computer configuration> Windows settings> Security settings> Local policies> User rights. Here all the user rights and its permission details for each user right will be listed.
Step 4: Right click on a user right for which "anonymous" permission is assigned and click on properties.
Step 5: Under "local security setting" select "anonymous" and click on remove.
Step 6: Click "ok".
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.
