PCI DSS Compliance : Insecure Communication Has Been Detected

medium Nessus Plugin ID 56208


An insecure port, protocol, or service has been detected.


Applications that fail to adequately encrypt network traffic using strong cryptography are at increased risk of being compromised and exposing cardholder data. An attacker who is able to exploit weak cryptographic processes can gain control of an application or even gain cleartext access to encrypted data.


Properly encrypt all authenticated and sensitive communications.

Plugin Details

Severity: Medium

ID: 56208

File Name: pci_cleartext_credentials.nasl

Version: 1.9

Type: remote

Published: 9/15/2011

Updated: 4/22/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score from an in depth analysis done by tenable


Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: manual


Risk Factor: Medium

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

Required KB Items: Settings/PCI_DSS

Excluded KB Items: Settings/PCI_DSS_local_checks