avast! Antivirus Server Edition Password Setting Weakness
Medium Nessus Plugin ID 24280
SynopsisThe remote Windows host contains an application that is susceptible to an authentication bypass issue.
DescriptionThe remote host is running avast! Antivirus Server Edition.
The installed version of this software reportedly does not ask for a password even if one is set. A local attacker may be able to leverage this issue to bypass authentication and manipulate settings of the affected application.
SolutionUpgrade to avast! Antivirus Server Edition 4.7.726 or later.