SOLVED

Nessus scan discovery

We ran a Nessus scan recently and it came back with a Medium security vulnerability. I was wondering if anyone knew how to fix it. Thanks!

[Attached image: MicrosoftTeams-image.png]

What web server are you running?
In case you are running IIS, then we might be able to help you. However, in case you are using a third-party web service such as Apache, you need to check with them, and normally you have to update them.

@Reza_Ameri 

Hi Reza_Ameri,

Thank you for responding and offering to assist me.

Windows Admin Center is running on a Windows 10 21H1 Workstation. Looks like IIS is the same version.

Try checking for updates and see if there are any pending updates on the Windows Server.
IIS receives updates through Windows Update.
Do you have any web applications running on the server?
Updates are current. I don't have any Web Apps running on the workstation. I know WAC opens a browser window. Does it need IIS? The ticket from Nessus identifies the fault being seen at TCP port 6516, a typical WAC installation setup.
If I stop IIS will that remove the error?
best response confirmed by kflatop (Copper Contributor)
Solution
By the WAC are you referring to the Windows Admin Center?
No, it should be safe. I guess it could be a false positive, and I advise you to check with Nessus's support.
Yes, Windows Admin Center. I got lazy.
I'll stop the IIS service and see if that eliminates the message. That is a good idea to contact Nessus. It may be a false positive. I've been running WAC for quite a while and this is the first time it got flagged.
Thanks for your help.
WAC and IIS are being tested before release and they are safe, and I guess the behavior monitoring engine of Nessus incorrectly detects it as unsafe.