ID de Prueba:	1.3.6.1.4.1.25623.1.0.114017
Categoría:	Default Accounts
Título:	Portainer UI No Authentication Vulnerability (HTTP)
Resumen:	The script checks if the Portainer Dashboard UI has no; authentication enabled at the remote web server.
Descripción:	Summary: The script checks if the Portainer Dashboard UI has no authentication enabled at the remote web server. Vulnerability Insight: The installation of Portainer might be misconfigured and therefore unprotected and exposed to the public. Vulnerability Impact: Access to the dashboard gives you top level access to all aspects of administration for the cluster it is assigned to manage. That includes managing applications, containers, starting workloads, adding and modifying applications, and setting key security controls. Solution: It is highly recommended to enable authentication and create an administrator user to avoid exposing your dashboard with administrator privileges to the public. Always choose a secure password, especially if your dashboard is exposed to the public. CVSS Score: 9.7 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:P
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.