|
Family: Windows --> Category: infos
CRYPTO-Server LDAP Credentials Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for LDAP credentials left by InstallAnywhere
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host is affected by an information disclosure
issue.
Description :
A version of CRYPTOCard CRYPTO-Server, the server component of a
commercial two-factor authentication system, is installed on the
remote host.
When CRYPTO-Server was installed on the remote host, the installer
left credentials used to configure the application with Active
Directory in a log file, which by default is readable by anyone with
local access.
Solution :
Change the credentials used by CRYPTO-Server for Active Directory and
JDBC.
Threat Level:
Low / CVSS Base Score : 1.6
(AV:L/AC:L/Au:NR/C:P/I:N/A:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|