Windows Authentication QIDs

These vulnerability checks (QIDs) return information useful for verifying Windows trusted scanning and testing the user account used. You can view scan results directly or use other tools such as scan report templates, asset search and host information views.

Windows Authentication Status

QID	Severity	Title	Description
70053		Windows Authentication Method for User-Provided Credentials	Windows authentication was performed successfully with user-provided credentials. The Results section includes a list of authentication credentials used.
70028		Windows Authentication Method	Windows authentication was performed for the host scan. The Results section includes a list of authentication records used for authentication with the username associated with each record. Learn more
105015		Windows Authentication Failed	Windows authentication enabled for the host scan, but login attempts using the credentials defined in authentication records failed.
105296		Windows Authentication Not Attempted	Windows authentication was enabled for the host scan, but not performed for the host because the host’s IP address and domain were not included in authentication records.

Windows Information: Registry and File Access

QID	Severity	Title	Description
70038		File and Print Services Access Denied	Remote access to File and Print services did not succeed via CIFS. If Windows authentication was enabled for the host scan, these QIDS will not be reported: Windows Authentication Method (70028) Windows Authentication Failed (105015) Check that Print and File services is enabled and that CIFS is running.
90035		Missing AllowedPaths Registry Key	AllowedPaths registry key was found missing or improperly defined. This key defines which part of the registry can be viewed by non-administrators.
90331		Access to File Share is Enabled	Access to the file share on the target host is enabled.
90399		Windows File Access Denied	Access to the share was successful, but remote access to the files in the Result section was denied. Vulnerabilities that require file access may not have been detected during the scan.
90194		Windows Registry Pipe Access Level	Return code from remote registry access via CIFS is provided in the Results section. CIFS accesses the Windows registry through a named pipe. Authentication to CIFS was successful, but it could not access the registry named pipe if the error code is not 0.
90195		Windows Registry Key Access Denied	Remote access to the registry keys in the Results section has been denied, although access to the registry named pipe was successful.
105025		Windows Registry Access Level	The registry keys in the Result section can be accessed by the scanning engine. These keys are important for performing patch verification.
105177		Microsoft Windows Registry Critical Keys Security Policy	Access Control Lists associated with some of the critical registry paths on the Windows system are provided in the Results section.