Micro Focus Enterprise Administration Server Authentication Check

high Nessus Plugin ID 51839

Synopsis

The remote Micro Focus Enterprise Administration Server interface does not require authentication.

Description

The administration interface for the remote Micro Focus Enterprise Server is accessible without authentication. A remote attacker is able to access potentially sensitive information and modify any settings available through this administration interface.

Solution

Modify the application's security settings to require authentication.

Plugin Details

Severity: High

ID: 51839

File Name: microfocus_enterprise_admin_server_auth.nasl

Version: 1.5

Type: remote

Family: CGI abuses

Published: 2/1/2011

Updated: 1/19/2021

Supported Sensors: Nessus

Vulnerability Information

Required KB Items: www/microfocus_ent_admin_server

Excluded KB Items: Settings/disable_cgi_scanning

Exploited by Nessus: true