Skip to content

H3-2020-0018

Fundamentally Insecure Protocols Detected

Category SECURITY_MISCONFIGURATION
Base Score 0.1

Description

Fundamentally insecure protocols transmit data across the network in cleartext or plaintext and without encryption. These protocols include but are not limited to TFTP, FTP, SNMPv1/2, telnet, HTTP, POP3 and IMAP.

Impact

An attacker can perform a Man-in-the-Middle (MITM) attack to intercept or collect credentials passed over an insecure protocol. Sensitive information such as passwords or business secrets may be disclosed from this attack.

References