CA eTrust SCM Plaintext Login Detection

Medium Nessus Network Monitor Plugin ID 4484

Synopsis

The remote host passes information across the network in an insecure manner.

Description

The remote host is running the CA eTrust SCM application. The administrative interface is enabled on this host. Further, PVS has just observed a client logging in with plaintext credentials. Confidential data, such as administrative passwords, should always be passed over encrypted or secured channels.

Solution

Force the use of encryption during login and all administrative functions.

Plugin Details

Severity: Medium

ID: 4484

File Name: 4484.prm

Family: Web Servers

Published: 2008/04/22

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: Medium