Terminal Services Encryption Level is not FIPS-140 Compliant
low Nessus Plugin ID 30218
Language:
New! Plugin Severity Now Using CVSS v3
The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Synopsis
The remote host is not FIPS-140 compliant.Description
The encryption setting used by the remote Terminal Services service is not FIPS-140 compliant.Solution
Change RDP encryption level to :4. FIPS Compliant
Plugin Details
Severity: Low
ID: 30218
File Name: fips_rdp.nbin
Version: 1.57
Type: remote
Family: Misc.
Published: 2/11/2008
Updated: 7/12/2021
Dependencies: rdp_credssp_detect.nbin
Risk Information
CVSS v2
Risk Factor: Low
Base Score: 2.6
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N