I'm getting 4 vulnerabilities with my scan:
1. Information gathering
e: FTP on TCP port 21.
CVSS Base Score: 4.3 - AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSS Temporal Score: 3.3 - E:U/RL:W/RC:UR
Severity: 3
Category: Information gathering
CVE ID:
Vendor Reference:
Bugtraq ID:
Date Updated: Jul 1, 2021
Threat: A remote management service that accepts unencrypted credentials was detected on the target host.
Services like FTP with basic auth are checked.
Impact: NA
Solution: If possible, use alternate services that provide encryption.
Using strong cryptography, render all authentication credentials (such as passwords/phrases) unreadable during transmission.
2. Server Not Responding:
The Web server stopped responding to 3 consecutive connection attempts and/or more than 3 consecutive HTTP / HTTPS requests. Consequently, the service aborted testing for HTTP / HTTPS vulnerabilities. The vulnerabilities already detected are still posted. For more details about this QID, please review the following Qualys KB article:
Impact The service was unable to complete testing for HTTP / HTTPS vulnerabilities since the Web server stopped responding.
Solution Check the Web server status.
If the Web server crashed during the scan, please restart the server, report the incident to Customer Support and stop scanning the Web server until the issue is resolved.
If the Web server is unable to process multiple concurrent HTTP / HTTPS requests, please lower the scan harshness level and launch another scan. If this vulnerability continues to be reported, please contact Customer Support.
3. Server Not Responding Port 25
The service/daemon listening on the port shown stopped responding to TCP connection attempts during the scan. For more details about this QID, please review the following Qualys KB article:
Impact The service/daemon is vulnerable to a denial of service attack.
Solution This QID can be posted for a number of reasons (e.g., service crash, bandwidth utilization, or a device with IPS-like behavior).
If the service has crashed, report the incident to Customer Support or your QualysGuard re-seller, and stop scanning the service's listening port until the issue is resolved.
If the issue is bandwidth related, modify the Qualys performance settings to lower the scan impact.
If you do not find any service/daemon listening on this port, it may be a dynamic port and you may ignore this report.
This is posted as a PCI fail since the service stopped responding. Further checks were not launched for that service and therefore the PCI assessment was incomplete.
4. Server Not Responding Port 443
The Web server stopped responding to 3 consecutive connection attempts and/or more than 3 consecutive HTTP / HTTPS requests. Consequently, the service aborted testing for HTTP / HTTPS vulnerabilities. The vulnerabilities already detected are still posted. For more details about this QID, please review the following Qualys KB article:
Impact The service was unable to complete testing for HTTP / HTTPS vulnerabilities since the Web server stopped responding.
Solution Check the Web server status.
If the Web server crashed during the scan, please restart the server, report the incident to Customer Support and stop scanning the Web server until the issue is resolved.
If the Web server is unable to process multiple concurrent HTTP / HTTPS requests, please lower the scan harshness level and launch another scan. If this vulnerability continues to be reported, please contact Customer Support.
Any ideas how to make these four issues PCI Compliant for my PCI+ scan?
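A defender-side check for finding 1, added here as an example and not taken from the post or from Qualys: it reads the FTP FEAT reply to see whether AUTH TLS is offered, then sends a USER command to see whether the server still takes a login before any TLS handshake, which is the condition the finding describes. The function names, the placeholder account name and the sample replies are constructed for this example.

```python
import socket

# Constructed sample FTP replies (not taken from the post) for the offline check.
FEAT_NO_TLS = "211-Features:\r\n MDTM\r\n SIZE\r\n PASV\r\n211 End\r\n"
FEAT_TLS = "211-Features:\r\n AUTH TLS\r\n PBSZ\r\n PROT\r\n211 End\r\n"
USER_ACCEPTED = "331 Please specify the password.\r\n"
USER_REFUSED = "530 Non-anonymous sessions must use encryption.\r\n"

def parse_feat(reply: str) -> set:
    """Feature names from a FEAT reply; 'NNN-'/'NNN ' framing lines are skipped."""
    return {ln.strip().upper() for ln in reply.splitlines()
            if ln.strip() and not ln[:3].isdigit()}

def classify_ftp(feat_reply: str, user_reply: str) -> str:
    """How the server treats credentials sent before any TLS handshake."""
    tls_offered = any(f.startswith(("AUTH TLS", "AUTH SSL"))
                      for f in parse_feat(feat_reply))
    # 331 (need password) or 230 (logged in) means a cleartext login was accepted.
    cleartext_login = user_reply[:3] in ("331", "230")
    if not tls_offered:
        return "plaintext-only"   # exactly what the scan finding describes
    if cleartext_login:
        return "tls-optional"     # TLS offered but not enforced: still a finding
    return "tls-required"

def _read_reply(f) -> str:
    """Read one FTP reply; a multi-line reply ends on a line starting 'NNN '."""
    lines = []
    while True:
        line = f.readline().decode("latin-1")
        if not line:
            break
        lines.append(line)
        if line[:3].isdigit() and line[3:4] == " ":
            break
    return "".join(lines)

def probe(host: str, port: int = 21, timeout: float = 5.0) -> str:
    """Live check against a server you administer: FEAT, then USER before TLS."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        f = s.makefile("rwb")
        _read_reply(f)                          # 220 banner
        f.write(b"FEAT\r\n"); f.flush()
        feat = _read_reply(f)
        f.write(b"USER probe\r\n"); f.flush()   # 'probe' is a placeholder name
        user = _read_reply(f)
        f.write(b"QUIT\r\n"); f.flush()
    return classify_ftp(feat, user)
```

Only "tls-required" (or no FTP listener at all, with SFTP used instead) clears the finding; "tls-optional" still means the server accepts credentials in the clear.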