Hello, good afternoon:
I would appreciate your help and support. Using an "X" vendor vulnerability scan tool, I detected the following vulnerability against the IP of the MGT WEB-GUI of the firewall.
Problem, inconvenience, vulnerability against the WEB-GUI/MGT of the firewall directly:
Details: Low TCP 443 Web Server Allows Password Auto-Completion: The 'autocomplete' attribute is not disabled on password fields. "The remote web server contains at least one HTML form field that has an input of type 'password' where 'autocomplete' is not set to 'off'. While this does not represent a risk to this web server per se, it does mean that users who use the affected forms may have their credentials saved in their browsers, which could in turn lead to a Loss of confidentiality if any of them use a shared host or if their machine is compromised at some point."
"Page : /php/login.php Destination Page: /php/login.php " ******
Does anyone know if this is correct or if it is a false positive, and if it is correct, can someone tell me how to mitigate this vulnerability?
Thank you, greetings, and I look forward to your comments.
Not sure if this is a false pos or not, but mitigation is rather simple: enable external authentication with MFA for admins. Even if they do save the password in the browser (they can also do this in fancier password managers, so to me this is expected behavior), they will still need to MFA.
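
The check the scanner describes can be reproduced by hand to decide whether the finding is a false positive. The following is an added example, not part of the thread and not vendor code; the sample forms and field names are constructed, and treating a form-level `autocomplete="off"` as inherited by its fields is an assumption about how to read the finding.

```python
from html.parser import HTMLParser


def _norm(attrs, key):
    """Lower-cased attribute value, '' for a bare attribute, None if absent."""
    d = dict(attrs)
    return (d[key] or "").strip().lower() if key in d else None


class PasswordAutocompleteAudit(HTMLParser):
    """Collect password inputs whose effective autocomplete is not 'off'."""

    def __init__(self):
        super().__init__()
        self.form_stack = []  # autocomplete value of each currently open <form>
        self.findings = []    # (line number, field name, effective value)

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            self.form_stack.append(_norm(attrs, "autocomplete"))
        elif tag == "input" and _norm(attrs, "type") == "password":
            own = _norm(attrs, "autocomplete")
            inherited = self.form_stack[-1] if self.form_stack else None
            effective = own if own is not None else inherited
            if effective != "off":
                name = dict(attrs).get("name") or ""
                self.findings.append((self.getpos()[0], name, effective or "unset"))

    def handle_endtag(self, tag):
        if tag == "form" and self.form_stack:
            self.form_stack.pop()


def audit(html):
    """Return the password fields a scanner of this kind would report."""
    parser = PasswordAutocompleteAudit()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample markup; only the /php/login.php path comes from the scan output.
SAMPLE_FLAGGED = """<form action="/php/login.php" method="post">
<input type="text" name="user">
<input type="password" name="passwd">
</form>"""
SAMPLE_CLEAN = SAMPLE_FLAGGED.replace('method="post"', 'method="post" autocomplete="off"')

if __name__ == "__main__":
    for line, name, value in audit(SAMPLE_FLAGGED):
        print(f"line {line}: password field {name!r} has autocomplete={value}")
```

Run `audit()` on the saved source of the login page the scanner reported. Many current browsers ignore `autocomplete="off"` on login fields and still offer to save the password, so an empty result does not mean credentials cannot be stored client-side.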