AnsweredAssumed Answered

Remote Management Service Accepting Unencrypted Credentials Detected

Question asked by waeel ahmed on May 6, 2020

Dears ,

Could you support for this ,we are getting the below vulnerability for Cisco routers although the TFTP is not running .

what will be the correct solution for it .

Title :
Remote Management Service Accepting Unencrypted Credentials Detected

Threat:

A remote management service that accepts unencrypted credentials was detected on target host.
 Services like Telnet, FTP, HTTP with basic auth are checked.
Services like TFTP are also checked.

Solution :

"If possible, use alternate services that provide encryption.

Using strong cryptography, render all authentication credentials (such as passwords/phrases)
unreadable during transmission."
Result :
Service name: TFTP on UDP port 69.#


Outcomes