SMB Password Encryption Not Required

Medium Nessus Plugin ID 87734


Password encryption is not required on the remote SMB server.


The remote SMB server does not require password encryption. This allows clients to send cleartext passwords over the network.


Require password encryption on the SMB server.

Plugin Details

Severity: Medium

ID: 87734

File Name: smb_password_encryption_disabled.nasl

Version: $Revision: 1.1 $

Type: remote

Agent: windows

Family: Windows

Published: 2016/01/05

Modified: 2016/01/05

Dependencies: 11153

Risk Information

Risk Factor: Medium


Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/o:microsoft:windows