Insecure authentication method
Description
The server uses Basic authentication over an insecure channel.
Impact
Gather base 64 coded credentials.
Recommendation
Use stronger authentication mechanisms like Bearer and OAuth.
Threat
Unauthorized attacker from adjacent network performing a Sniffing attack.
Expected Remediation Time
⏱️ 120 minutes.
Requirements
030 - Avoid object reutilization228 - Authenticate using standard protocols319 - Make authentication options equally secure153 - Out of band transactionsFixes