They're both rated medium. Makes me wonder how one come across either of these vulnerabilities in practice.
Telnet is disabled by default since windows 7 (that's 10 years ago). You wouldn't see anything internal with telnet unless it's seriously misconfigured or employees doing their own thing to circumvent IT. This should one maybe be upped to high.
self signed certificates on the other hand. either there is someone too lazy to obtain public certificates or the scanning tool doesn't accept the internal PKI.
Telnet is disabled by default since windows 7 (that's 10 years ago). You wouldn't see anything internal with telnet unless it's seriously misconfigured or employees doing their own thing to circumvent IT. This should one maybe be upped to high.
self signed certificates on the other hand. either there is someone too lazy to obtain public certificates or the scanning tool doesn't accept the internal PKI.