Terminal Services Encryption Level is Medium or Low

medium Nessus Plugin ID 57690

Language:

Synopsis

The remote host is using weak cryptography.

Description

The remote Terminal Services service is not configured to use strong cryptography.

Using weak cryptography with this service may allow an attacker to eavesdrop on the communications more easily and obtain screenshots and/or keystrokes.

Solution

Change RDP encryption level to one of :

3. High

4. FIPS Compliant

Plugin Details

Severity: Medium

ID: 57690

File Name: rdp_weak_crypto.nbin

Version: 1.93

Type: remote

Family: Misc.

Published: 1/25/2012

Updated: 1/5/2026

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Manually scored based on the nature of the vulnerability.

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS Score Source: manual

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Detections

Analytics