Terminal Services Encryption Level is Medium or Low

medium Nessus Plugin ID 57690

Language:

Synopsis

The remote host is using weak cryptography.

Description

The remote Terminal Services service is not configured to use strong cryptography.

Using weak cryptography with this service may allow an attacker to eavesdrop on the communications more easily and obtain screenshots and/or keystrokes.

Solution

Change RDP encryption level to one of :

3. High

4. FIPS Compliant

Plugin Details

Severity: Medium

ID: 57690

File Name: rdp_weak_crypto.nbin

Version: 1.82

Type: remote

Family: Misc.

Published: 1/25/2012

Updated: 3/19/2024

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Detections

Analytics