Weak Authentication Method

Risk:
Medium

Type:
Passive

CWE:
326

Summary: HTTP basic or digest authentication has been used over an unsecured connection. The credentials can be read and then reused by someone with access to the network.

Solution: Protect the connection using HTTPS or use a stronger authentication mechanism

References: https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html