XMPP Cleartext Authentication

medium Nessus Plugin ID 87736

Synopsis

The remote host is running a service that allows cleartext authentication.

Description

The remote Extensible Messaging and Presence Protocol (XMPP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear.

Solution

Disable cleartext authentication mechanisms in the XMPP configuration.

Plugin Details

Severity: Medium

ID: 87736

File Name: xmpp_plaintext_authentication.nasl

Version: Revision: 1.1

Type: remote

Family: Misc.

Published: 1/5/2016

Updated: 1/5/2016

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N