SOAP/XML Plaintext Credentials Disclosure

Medium Nessus Network Monitor Plugin ID 4758

Synopsis

The remote host is running an inherently insecure protocol or application.

Description

The remote SOAP server was just observed receiving what appears to be login information over unencrypted HTTP.

Solution

Ensure that confidential data is only passed over an encryped protocol.

Plugin Details

Severity: Medium

ID: 4758

Family: Web Servers

Published: 2008/11/14

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: Medium