Microsoft Windows 'Backup Operators' Group User List

info Nessus Plugin ID 10904

Synopsis

There is at least one user in the 'Backup Operators' group.

Description

Using the supplied credentials, it is possible to extract the member list of the 'Backup Operators' group. Members of this group can logon to the remote host and perform backup operations (read/write files) but have no administrative rights.

Solution

Verify that each member of the group should have this type of access.

Plugin Details

Severity: Info

ID: 10904

File Name: smb_group_backup_op.nasl

Version: 1.19

Type: local

Agent: windows

Published: 3/15/2002

Updated: 5/16/2018

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

Required KB Items: SMB/name, SMB/login, SMB/password, SMB/transport