PCI Compliance Network Scan Issue - HTTP response code was an expected 401

Question

We take Credit card over internet connected comupter, and we have to pass PCI compliance network scan. When I run network scan , I have the following error. How can i fix this error. Any help appreciated.

Running vulnerable HTTP service. HTTP request to

http://xx.xxx.xxx.xxx:8080/

HTTP response code was an expected 401

1: Basic realm="WEB Remote
Viewer"

What has your research revealed? – SpacemanSpiff Mar 21 '13 at 17:36 — SpacemanSpiff, Mar 21 '13 at 17:36

score 5 · Answer 1 · edited Jul 20 '13 at 19:52

5

The PCI DSS requires that passwords are not transmitted in the clear. Basic auth over HTTP would result in clear-text transmission of the password.

Enable SSL for port 8080.

edited Jul 20 '13 at 19:52

Jed Daniels

7,282
2
34
42

answered Mar 21 '13 at 18:37

Mark Wagner

18,019
2
32
47

PCI Compliance Network Scan Issue - HTTP response code was an expected 401

1 Answers1