Windows Authentication QIDs

These vulnerability checks (QIDs) return information useful for verifying Windows trusted scanning and testing the user account used. You can view scan results directly or use other tools such as scan report templates, asset search and host information views.

Windows Authentication Status

QID

Severity

Title

Description

70053

Information Gathered severity level 1

Windows Authentication Method for User-Provided Credentials

Windows authentication was performed successfully with user-provided credentials. The Results section includes a list of authentication credentials used.

70028

Information Gathered severity level 1

Windows Authentication Method

Windows authentication was performed for the host scan. The Results section includes a list of authentication records used for authentication with the username associated with each record. Learn more

105015

Information Gathered severity level 1

Windows Authentication Failed

Windows authentication enabled for the host scan, but login attempts using the credentials defined in authentication records failed.

105296

Information Gathered severity level 1

Windows Authentication Not Attempted

Windows authentication was enabled for the host scan, but not performed for the host because the host’s IP address and domain were not included in authentication records.

Windows Information: Registry and File Access

QID

Severity

Title

Description

70038

Information Gathered severity level 1

File and Print Services Access Denied

Remote access to File and Print services did not succeed via CIFS. If Windows authentication was enabled for the host scan, these QIDS will not be reported:
Windows Authentication Method (70028)
Windows Authentication Failed (105015)

Check that Print and File services is enabled and that CIFS is running.

90035

Information Gathered severity level 2

Missing AllowedPaths Registry Key

AllowedPaths registry key was found missing or improperly defined. This key defines which part of the registry can be viewed by non-administrators.

90331

Information Gathered severity level 1

Access to File Share is Enabled

Access to the file share on the target host is enabled.

90399

Information Gathered severity level 1

Windows File Access Denied

Access to the share was successful, but remote access to the files in the Result section was denied. Vulnerabilities that require file access may not have been detected during the scan.

90194

Information Gathered severity level 2

Windows Registry Pipe Access Level

Return code from remote registry access via CIFS is provided in the Results section. CIFS accesses the Windows registry through a named pipe. Authentication to CIFS was successful, but it could not access the registry named pipe if the error code is not 0.

90195

Information Gathered severity level 1

Windows Registry Key Access Denied

Remote access to the registry keys in the Results section has been denied, although access to the registry named pipe was successful.

105025

Information Gathered severity level 1

Windows Registry Access Level

The registry keys in the Result section can be accessed by the scanning engine. These keys are important for performing patch verification.

105177

Information Gathered severity level 2

Microsoft Windows Registry Critical Keys Security Policy

Access Control Lists associated with some of the critical registry paths on the Windows system are provided in the Results section.