Synopsis
The remote web server is running an application with no password.
Description
The remote host is running iisprotect, an IIS add-on to protect the pages served by this server.
However, the administration module of this interface has not been password protected. As a result, an attacker may perform administrative tasks without any authentication.
Solution
Set a strong password for accessing this page.
Plugin Details
File Name: iisprotect_passwordless.nasl
Supported Sensors: Nessus
Risk Information
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
Required KB Items: www/ASP