WEB_IIS /iisadmpwd/aexp2.htr access


Code: p1115

Severity: Warning


Description: This event is generated when an attempt is made to request an HTTP-based password change.

Impact: Information gathering/remote access. Error messages from failed password changes can indicate whether a given account exists on the server. Successful password changes can allow remote access to the server.

Corrective: Remove the IISADMPWD virtual directory to disable remote password changes. Consider running the IIS Lockdown Tool to disable HTR functionality.