PCI v3.2-6.5.8
CAPEC-87
CWE-425
HIPAA-164.306(a), 164.308(a)
ISO27001-A.9.4.1
WASC-34
OWASP 2013-A7
OWASP 2017-A5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

TS Web Access Identified

Severity:
Information
Summary

Invicti identified that Terminal Services Web Access (TS Web Access) is publicly accessible on the target server.

TS Web Access enables users to connect from a Web browser to the remote desktop of any user accessible server or client computer.

Impact

This issue is reported as additional information only. There is no direct impact arising from this issue.

Remediation

Configure your web server to prevent public access to the TS Web Access interface by implementing access control mechanisms.

Required Skills for Successful Exploitation
Actions To Take
Classifications
PCI v3.2-6.5.8
CAPEC-87
CWE-425
HIPAA-164.306(a), 164.308(a)
ISO27001-A.9.4.1
WASC-34
OWASP 2013-A7
OWASP 2017-A5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Index

You can search and find all vulnerabilities

Select Category
Critical
High
Medium
Low
Best Practice
Information
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Related Vulnerabilities

Featured resources

No items found.
No items found.
View all resources

Build your resistance to threats. And save hundreds of hours each month.

Get a Demo