Weak Authentication Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior

Weak Authentication Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior

CVE-2019-16067 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over HTTP for enforcing access control to the web application. The use of weak authentication transmitted over cleartext protocols can allow an attacker to steal username and password combinations by intercepting authentication traffic in transit.

Learn more about our Web App Pen Testing.