SSL Self-Signed Certificate.txt - HĐ 1511/2023/HĐKT/CAT-ELCOM-VNPT (CAMERA HUẾ) - Hệ thống quản lý sự cố/feedback ELCOM

Feature #339 » SSL Self-Signed Certificate.txt

Tăng Bá Thiện , 05/02/2024 09:13 AM

 - SSL Self-Signed Certificate-
       Synopsis
       The SSL certificate chain for this service ends in an unrecognized self-signed certificate.
       Description
       The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.
       Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.
       Solution
       Purchase or generate a proper SSL certificate for this service.
       Risk Factor
       Medium
       CVSS v3.0 Base Score
 .5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
       CVSS v2.0 Base Score
 .4 (CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N)
       Plugin Information
       Published: 2012/01/17, Modified: 2022/06/14
       Plugin Output
       tcp/443/www
       The following certificate was found at the top of the certificate
       chain sent by the remote host, but is self-signed and was not
       found in the list of known certificate authorities :
       |-Subject : C=DE/L=Grasbrunn/O=Bosch Sicherheitssysteme GmbH/CN=Bosch ST Root CA

(5-5/5)