Summary
The remote web server is running the SiteScope Management web server. This service allows attackers to gain sensitive information on the SiteScope-monitored server.
Sensitive information includes (but is not limited to): license number, current users, administrative email addresses, database username and password, SNMP community names, UNIX usernames and passwords, LDAP configuration, access to internal servers (via Diagnostic tools), etc.
Solution
Disable the SiteScope Managment web server if it is unnecessary, or block incoming traffic to this port.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)
- Apple Mac OS X Authentication Bypass Vulnerability
- Adobe Reader Multiple Vulnerabilities - Aug07 (Windows)
- Apple Safari Webkit Multiple Vulnerabilities - June13 (Mac OS X)
- Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)