Security Monitoring tool detects CWE-522 Weak Authentication - Basic Authentication enabled for https://VCSA/mob and https://VCSA/folder
search cancel

Security Monitoring tool detects CWE-522 Weak Authentication - Basic Authentication enabled for https://VCSA/mob and https://VCSA/folder

book

Article ID: 383800

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Security Monitoring tool may pick up on CWE-522 for Weak Authentication, for /mob and /folder of VCSA for use of Basic Authentication 

Environment

vCenter Server 7.0 

vCenter Server 8.0 

Cause

This is not considered a vulnerability or an exploitable issue, as credentials are securely transmitted over HTTPS

Resolution

Changing authentication for /mob or /Folder is not currently a feature.