Brute Force

Plugin details

Severity: High
ID: 10012
Category: Authentication
CVSS score: 7.3
CVSS link: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Synopsis

A brute force attack was successful against the server.

Description

Authentication to the target server was attempted with a user-provided combination of usernames and passwords. Authentication was successful with one or more combinations. This indicates that weak credentials are in use.

Solution

Use strong credentials that are hard to guess, block authentication from a client after a number of failed attempts, or disable password authentication altogether.