daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: file/audit/pfsense/enable-https-protocol.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-05-04 11:17:00 -04:00
parent 9c08a5f73a
commit 7af50a25f0
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
file/audit/pfsense/enable-https-protocol.yaml
View File

@ -1,14 +1,17 @@
id: enable-https-protocol id: enable-https-protocol
info: info:
name: Enable HTTPS on Web Management name: Netgate Web Admin Management Portal/HTTPS - Detect
author: pussycat0x author: pussycat0x
severity: info severity: info
description: | description: |
Web Admin Management Portal should only be accessed using HTTPS Protocol.HTTP transmits all data (including passwords) in clear text over the network and Netgate Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
provides no assurance of the identity of the hosts involved.
reference: | reference: |
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
metadata: metadata:
verified: true verified: true
tags: firewall,config,audit,pfsense,file tags: firewall,config,audit,pfsense,file
@ -31,3 +34,5 @@ file:
- "<pfsense>" - "<pfsense>"
- "<system>" - "<system>"
condition: and condition: and
# Enhanced by md on 2023/05/04