Target Credential Issues by Authentication Protocol - No Issues Found

🗓️ 24 May 2018 00:00:00Reported by TenableType
Target Credential Issues by Authentication Protoco
#TRUSTED 17bc9c5d7f0db7c2dc390fdb4d212cb36daa688b2960d3fabae59dcb4123d8a95dde2d8d99a19acd7f2a2935ebb378ef52ae518db6235ba28991c40fb64f52abc4dc547cf3086f91866aa18c9f618bec6d372885f593390c92f323df5e65df94797a2b4bc82c160df8a82301b3c87905024c06666aee1584a7f1e02065f581b5b51c474a79ce54a95344968f1369c0db00db7823cf8a5584b641b3228c1dd2f2db963e76a600df9c772eb4c24539db3921361e4919aea5854700de53fc4f7ee2657ac7833394396206210358f90fbf606acf504709f6079e826a5ec552c1c1f14c49820af5c23ef91a8f5e068b4cdb348f57bbb065b2709856c2694562af3593912de663e1e5905330ce5b13a9dde04950e035ed96aa185cf951b29c62a3274b6d391c21af43393e0f97119f009e250b167b6a46f1a381cd32b044986b6a7f42a378d2d1efc4987c0efa03f9de14260552885b4ba567548ce884ba2292e502bf211f84bb9964775bc8c0db0c755c56412ad8f3bed620a63c63e2e1a7f025965f36a1f45c04a9deec47d5788c06ea6f5d1849c4e233219aa541b1c4b9f418112e4fc32dd81d0cda40dd6d48e5624e12542c2a0ce9aab72fdad53b12f5f92243200413441dd9379cfa7472ad3320fd3b15c1b40f782d73e52d50ab13a1f145619fbb9b8856e294b02f5a15c8d434215ee52a474ca10f47882609a0d01cb9cabc12
#TRUST-RSA-SHA256 63c05c81f67c36ae360dc4812253f00c6afdb274e407ce20b2b27acc3c2684a6bf03db7d443d81ce8136bc14f7e20abf1a47b93fdad5d68a885bb8e738d142590750f4d18bc90ea75efd2f6fb48de4a82198ec01b8efc5d27bbf6576d22f97c8c001d4e1c69bf4d9d9ba633d03c65db2dfaa5c02724f55b56851bc637504ea36e8982dd16ace6076bc17ef6395201b507f00ca399636a069454411968e8941b47c24c83a149acd3bc644affb8ef857f3efc37305fe9c7132dfe145d8333843a1627d1938a250bdd626bf3d0a218b37782eab1f156245dce12646b7311dc6dacd769b4b49ed9be3acaba12a7a097a1cf15aa40153466c7f2c64f745c0a18dc047ae281dd482f8ea53ca50615c0a23147c7db0c633ebdb914a83864f0aa4513fbcef4096c9c4fba6a0d3c869aa190bb27e92e65b2e1f91d180f6af6da94c92b9d91e94f4c428f3a2904a4200ad32cd840d0d116e16054df291026f5dd9e5850d50a3d7695c88373987bd78f994bd48dc12912242c631aa7c7f8efa0ca3ba8eb302b1b652cb6d127c781d4cb4ece93aa9e760c30ace04e9060e5341de9ccd7c1d813c413064b25e5e5cb029563c08fd20dcf03bc744d7a2c0eac60df14ebf7b920020238a7087f037f1ed569f6c43a667f82a20608c3293af3723e71c1a4f91dd6b2f986cc90a9c77be5ac4fddd34595af853962a19c6122aa90c6a50873894f4b1
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(110095);
  script_version("1.27");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/28");

  script_xref(name:"IAVB", value:"0001-B-0520");

  script_name(english:"Target Credential Issues by Authentication Protocol - No Issues Found");
  script_summary(english:"Reports protocols with valid credentials and no credential issues found.");

  script_set_attribute(attribute:"synopsis", value:
"Nessus was able to log in to the remote host using the provided
credentials. No issues were reported with access, privilege, or
intermittent failure.");
  script_set_attribute(attribute:"description", value:
"Valid credentials were provided for an authentication protocol on the
remote target and Nessus did not log any subsequent errors or failures
for the authentication protocol.

When possible, Nessus tracks errors or failures related to otherwise
valid credentials in order to highlight issues that may result in
incomplete scan results or limited scan coverage. The types of issues
that are tracked include errors that indicate that the account used
for scanning did not have sufficient permissions for a particular
check, intermittent protocol failures which are unexpected after the
protocol has been negotiated successfully earlier in the scan, and
intermittent authentication failures which are unexpected after a
credential set has been accepted as valid earlier in the scan. This
plugin reports when none of the above issues have been logged during
the course of the scan for at least one authenticated protocol. See
plugin output for details, including protocol, port, and account.

Please note the following :

- This plugin reports per protocol, so it is possible for
  issues to be encountered for one protocol and not another.
  For example, authentication to the SSH service on the
  remote target may have consistently succeeded with no
  privilege errors encountered, while connections to the SMB
  service on the remote target may have failed
  intermittently.

- Resolving logged issues for all available authentication
  protocols may improve scan coverage, but the value of
  resolving each issue for a particular protocol may vary
  from target to target depending upon what data (if any) is
  gathered from the target via that protocol and what
  particular check failed. For example, consistently
  successful checks via SSH are more critical for Linux
  targets than for Windows targets, and likewise
  consistently successful checks via SMB are more critical
  for Windows targets than for Linux targets.");
  script_set_attribute(attribute:"risk_factor", value:"None");

  script_set_attribute(attribute:"plugin_publication_date", value:"2018/05/24");
  script_set_attribute(attribute:"solution", value:"n/a");
  script_set_attribute(attribute:"plugin_type", value:"summary");
  script_end_attributes();

  script_category(ACT_END);
  script_family(english:"Settings");

  script_copyright(english:"This script is Copyright (C) 2018-2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  # No dependencies, since this is an ACT_END plugin
  exit(0);
}

include("spad_log_func.inc");
include("cred_func.inc");
include("lcx.inc");

global_var auth_ok_count = 0;

function report_success(prefix, proto, db, port, user)
{
  if (lcx::check_localhost() && (proto == "SMB" || proto == "SSH"))
    return 0;

  var kb_prefix = prefix + proto + "/" + port;
  var report = '';

  # Don't fire if HostLevelChecks/issues/error/* items are present
  var lcx_error_count = lcx::get_issue_count(type:lcx::ISSUES_ERROR);
  
  auth_ok_count++;
  
  if (get_kb_list(kb_prefix + "/Failure")) return 0;
  if (proto == 'SSH' && lcx::has_ssh_priv_failures()) return 0;
  if (get_kb_list(kb_prefix + "*/Problem")) return 0;
  if (lcx_error_count > 0) return 0;

  report += get_credential_description(proto:proto, port:port, user:user);

  if (empty_or_null(report))
    return 0;

  report = '\nNessus was able to log into the remote host with no privilege or access' +
           '\nproblems via the following :\n\n' + report;

  security_report_v4(port:port, extra:report, severity:SECURITY_NOTE);

  return 1;
}

function report_localhost()
{
  if (!lcx::check_localhost()) return 0;
  if (!get_kb_item("Host/local_checks_enabled")) return 0;
  local_var host_level_proto = get_kb_item("HostLevelChecks/proto");
  if (empty_or_null(host_level_proto) || host_level_proto != "local") return 0;

  local_var report = 'Nessus was able to execute commands locally with sufficient privileges\n' +
                     'for all planned checks.\n\n'; 

  security_report_v4(port:0, extra:report, severity:SECURITY_NOTE);

  return 1;
}

var successes = get_kb_list("Host/Auth/*/Success");

var num_reported = 0;

var pat = "^Host/Auth/([A-Za-z]+/[0-9]+)/.*";

var win, match, protoport, tmp;
foreach win (keys(successes))
{
  match = pregmatch(pattern:pat, string:win, icase:FALSE);
  if (isnull(match)) continue;

  protoport = match[1];

  tmp = split(protoport, sep:'/', keep:FALSE);
  num_reported += report_success(prefix:"Host/Auth/", proto:tmp[0], port:tmp[1], user:successes[win]);
}

if (num_reported == 0) num_reported += report_localhost();

if (num_reported == 0)
{
  if (auth_ok_count > 0)
    exit(0, "Authentication successes encountered privilege, access, or intermittent failure issues.");
  else if (lcx::svc_available())
    exit(0, "No authentication successes using user supplied credentials to report.");
  else exit(0, "No local checks ports or services were detected.");
}
28 Aug 2025 00:00Current
5.8Medium risk
Vulners AI Score5.8