Synopsis
The remote web server seems to transmit credentials using Basic Authentication.
Description
The remote web server contains web pages that are protected by 'Basic' authentication over HTTPS.
While this is not in itself a security flaw, in some organizations, the use of 'Basic' authentication is discouraged as, depending on the underlying implementation, it may be vulnerable to account brute-forcing or may encourage Man-in-The-Middle (MiTM) attacks.
Solution
Make sure that the use of HTTP 'Basic' authentication is in line with your organization's security policy.
Plugin Details
File Name: www_https_basic_authentication.nasl
Supported Sensors: Nessus