SSL Certificate Signed with the Revoked DigiNotar Certificate Authority

medium Nessus Plugin ID 56043

Synopsis

The SSL certificate for this service was signed by a compromised CA certificate.

Description

The X.509 certificate of the remote host was signed by a certificate belonging to DigiNotar, a Certificate Authority (CA) whose certificate was revoked due to a known compromise. Verify that the remote certificate was indeed obtained legally, and have a new CA sign it, as most web browsers are being updated to stop trusting this authority.

Solution

Purchase or generate a new certificate for this service.
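The condition described above can be checked on a saved certificate (PEM or DER) by reading its issuer name. The following Python code is an added example, not the plugin's own logic; it assumes that a case-insensitive match on "DigiNotar" in the issuer attributes is a sufficient indicator, and its function names and the `sample_cert` skeleton (constructed, unsigned test data) are hypothetical.

```python
import ssl

# ASN.1 string tags that can carry an issuer attribute value, with their encodings.
STRING_TAGS = {0x0C: "utf-8", 0x13: "ascii", 0x14: "latin-1", 0x16: "ascii", 0x1E: "utf-16-be"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # yield (tag, value) for each element inside a constructed value
    pos = 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        yield tag, val

def issuer_strings(cert):
    """Return the issuer's attribute values from a PEM (str) or DER (bytes) certificate."""
    der = ssl.PEM_cert_to_DER_cert(cert) if isinstance(cert, str) else cert
    _, certificate, _ = read_tlv(der, 0)
    _, tbs, _ = read_tlv(certificate, 0)
    fields = list(children(tbs))
    # issuer follows serialNumber and signature; the explicit [0] version is optional
    issuer = fields[3 if fields[0][0] == 0xA0 else 2][1]
    values = []
    for _, rdn in children(issuer):       # each RDN is a SET
        for _, atv in children(rdn):      # SEQUENCE { type OID, value }
            tag, val = list(children(atv))[1]
            if tag in STRING_TAGS:
                values.append(val.decode(STRING_TAGS[tag], "replace"))
    return values

def signed_by_diginotar(cert):  # assumption: a name match is a sufficient indicator
    return any("diginotar" in v.lower() for v in issuer_strings(cert))

def tlv(tag, body):  # short-form DER encoder, used only to build the sample below
    return bytes([tag, len(body)]) + body

def sample_cert(org):
    """Constructed, unsigned skeleton holding only the fields up to issuer (O=org)."""
    atv = tlv(0x30, bytes.fromhex("060355040a") + tlv(0x13, org.encode("ascii")))
    tbs = tlv(0xA0, b"\x02\x01\x02") + b"\x02\x01\x01" + tlv(0x30, b"") + tlv(0x30, tlv(0x31, atv))
    return tlv(0x30, tlv(0x30, tbs))
```

Each certificate in a served chain has its own issuer, so run the check on the leaf and on every intermediate, and again on the replacement certificate once it is installed.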

See Also

http://www.nessus.org/u?f3fc8e9a

http://www.nessus.org/u?baa49230

Plugin Details

Severity: Medium

ID: 56043

File Name: ssl_diginotar.nasl

Version: 1.13

Type: remote

Family: General

Published: 9/1/2011

Updated: 11/16/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Score from an in-depth analysis done by Tenable

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: manual

Vulnerability Information

Required KB Items: SSL/Supported