Anonymous FTP Enabled | Tenable®

Nessus has detected that the FTP server running on the remote host allows anonymous logins. Therefore, any remote user may connect and authenticate to the ... LinksTenable.ioTenableCommunity&SupportTenableUniversitySettingsSeverityVPRCVSSv2CVSSv3ThemeLightDarkAutoNewestUpdatedSearchNessusFamiliesWASFamiliesNNMFamiliesLCEFamiliesTenable.otFamiliesAboutPluginFamiliesNessusReleaseNotesNewestUpdatedSearchNessusFamiliesWASFamiliesNNMFamiliesLCEFamiliesTenable.otFamiliesAboutPluginFamiliesNessusReleaseNotesPluginsNessus10079NessusAnonymousFTPEnabledmediumNessusPluginID10079Language:EnglishEnglish日本語简体中文InformationDependenciesDependentsSynopsisAnonymousloginsareallowedontheremoteFTPserver.DescriptionNessushasdetectedthattheFTPserverrunningontheremotehostallowsanonymouslogins.Therefore,anyremoteusermayconnectandauthenticatetotheserverwithoutprovidingapasswordoruniquecredentials.ThisallowstheusertoaccessanyfilesmadeavailablebytheFTPserver.SolutionDisableanonymousFTPifitisnotrequired.RoutinelychecktheFTPservertoensurethatsensitivecontentisnotbeingmadeavailable.PluginDetailsSeverity:MediumID:10079FileName:ftp_anonymous.naslVersion:1.59Type:remoteFamily:FTPPublished:6/22/1999Updated:3/27/2020RiskInformationCVSSScoreSource:CVE-1999-0497CVSSScoreRationale:Tenablegivesaconfidentialityimpactofpartialsincetheissuecouldallowunwantedaccesstofilesystem.VPRRiskFactor:LowScore:1.4CVSSv2RiskFactor:MediumBaseScore:5Vector:AV:N/AC:L/Au:N/C:P/I:N/A:NCVSSv3RiskFactor:MediumBaseScore:5.3Vector:CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NVulnerabilityInformationExcludedKBItems:global_settings/supplied_logins_onlyVulnerabilityPublicationDate:7/1/1993ReferenceInformationCVE:CVE-1999-0497BID:83206