AnsweredAssumed Answered

Qualys WAS - Selenium IDE script and password disclosure.

Question asked by vvdesh on Jul 2, 2014
Latest reply on Jul 2, 2014 by WillB

Hi Qualys Team,

 

We have over 100+ users and There is a huge risk of password disclosure in Qualys WAS  Authentication records. We can view other peoples Auth records with Password. Is it

possible to do  change permissions on the records so that only the owner of the record gets to view their record.

 

Qualys WAS------>Authentication------>Edit------>Form record ----->View

 

  Modify this one to only display what the owner owns and for other records.

 

Sensitive contents within the script are masked. Click display to show sensitive contents.


Is there a workaround other than changing our passwords every time.


Thanks in Advance.


Venk

Outcomes