Summary #

Netsparker identified that Terminal Services Web Access (TS Web Access) is publicly accessible on the target server.

TS Web Access enables users to connect from a Web browser to the remote desktop of any user accessible server or client computer.

Impact #
This issue is reported as additional information only. There is no direct impact arising from this issue.
Remediation #
Configure your web server to prevent public access to the TS Web Access interface by implementing access control mechanisms.
Classifications #
PCI v3.2-, CAPEC-87, CWE-425, HIPAA-425, ISO27001-A.9.4.1, WASC-34, OWASP PC-C6, OWASP 2013-A7, OWASP 2017-A5 , CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo