This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
The remote Terminal Services doesn't use Network Level Authentication only.
The remote Terminal Services is not configured to use Network Level
Authentication (NLA) only. NLA uses the Credential Security Support
Provider (CredSSP) protocol to perform strong server authentication
either through TLS/SSL or Kerberos mechanisms, which protect against
man-in-the-middle attacks. In addition to improving authentication,
NLA also helps protect the remote computer from malicious users and
software by completing user authentication before a full RDP
connection is established.
See also :
Enable Network Level Authentication (NLA) on the remote RDP server. This is
generally done on the 'Remote' tab of the 'System' settings on Windows.
Risk factor :
Medium / CVSS Base Score : 4.3
Nessus Plugin ID: 58453 ()
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.