Database Connection Configuration Information Disclosure (xml)

Medium Nessus Network Monitor Plugin ID 4656


The remote web application server may be prone to a policy violation.


PVS has just noted a web transaction that included database connection information. This includes database name, user ID, password and more.


Ensure that such information is not stored or sent in plaintext. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.

Plugin Details

Severity: Medium

ID: 4656

Family: Web Servers

Published: 2008/09/15

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: Medium