PCI DSS compliance

high Nessus Plugin ID 33929


The remote host has been found to be NOT COMPLIANT with the PCI DSS external scanning requirements.


The remote host is vulnerable to one or more conditions that are considered to be 'automatic failures' according to the PCI DSS Approved Scanning Vendors Program Guide (version 3.1). These failures include one or more of the following :

- Vulnerabilities with a CVSS base score greater than or equal to 4.0

- Unsupported operating systems

- Internet reachable database servers (must validate whether cardholder data is stored)

- Presence of built-in or default accounts

- Unrestricted DNS Zone transfers

- Unvalidated parameters leading to SQL injection attacks

- Cross-Site Scripting (XSS) flaws

- Directory traversal vulnerabilities

- HTTP response splitting/header injection

- Detection of backdoor applications (malware, trojan horses, rootkits, backdoors)

- Use of older, insecure SSL/TLS versions (TLS v1.2 is the minimum standard)

- Use of anonymous key exchange protocols (such as anonymous Diffie-Hellman in SSL/TLS)

- Scan Interference

Details of the failed items may be found in the 'Output' section of this plugin result. These vulnerabilities and/or failure conditions will have to be corrected before you are able to submit your scan results for validation by Tenable to meet your quarterly external scanning requirements.

If you are conducting this scan via Tenable.io and either disagree with any of the results, believe there are false-positives, or must rely on compensating controls to mitigate the vulnerability then you may proceed with submitting this report to our PCI-ASV Workbench by clicking on 'Submit for PCI'. You may login to the Tenable PCI-ASV Workbench in Tenable.io and dispute or provide mitigation evidence for each of the residual findings.

See Also


Plugin Details

Severity: High

ID: 33929

File Name: pci_compliance.nbin

Version: 1.119

Type: summary

Published: 8/7/2008

Updated: 4/6/2022

Vulnerability Information

Excluded KB Items: Settings/PCI_DSS_local_checks