Authentication detected over HTTP. HTTP does not provide any encryption or protection for these authentication credentials. This may expose these credentials to unauthorized parties. Use ‘https://’ instead. Likelihood: LOW Confidence: LOW CWE: - CWE-523: Unprotected Transport of Credentials
OWASP: - A02:2017 - Broken Authentication
- A02:2021 - Cryptographic Failures
disabled-cert-validation
Certificate verification has been explicitly disabled. This permits insecure connections to insecure servers. Re-enable certification validation. Likelihood: LOW Confidence: LOW CWE: - CWE-295: Improper Certificate Validation
OWASP: - A03:2017 - Sensitive Data Exposure
- A07:2021 - Identification and Authentication Failures