CA eTrust SCM Plaintext Login Detection
Medium Nessus Network Monitor Plugin ID 4484
SynopsisThe remote host passes information across the network in an insecure manner.
DescriptionThe remote host is running the CA eTrust SCM application. The administrative interface is enabled on this host. Further, PVS has just observed a client logging in with plaintext credentials. Confidential data, such as administrative passwords, should always be passed over encrypted or secured channels.
SolutionForce the use of encryption during login and all administrative functions.