CAPEC-459

,

ISO27001-A.10

,

OWASP 2013-A6

,

OWASP 2017-A3

,

PCI v3.2-6.5.4

,

WASC-4

,

Certificate is Signed Using a Weak Signature Algorithm

Severity:

High

Summary

Invicti detected that a certificate is signed using a weak signature algorithm.

The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.

Impact

Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of this vulnerability.

Remediation

You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.

Required Skills for Successful Exploitation

Actions To Take

Classifications

,

,

,

,

,

,

Vulnerability Index

You can search and find all vulnerabilities

Select Category

Select Vulnerability

Related Vulnerabilities

Source Code Disclosure (Java Servlet)

Sensitive Data Exposure - SSH Key

Cross-site Referrer Leakage through usage of unsafe-url in Referrer-Policy

Sensitive Data Exposure - Database Connection String - MongoDB - MySQL

Cross-site Referrer Leakage through usage of strict-origin in Referrer-Policy

Featured resources

Strengthening enterprise application security: Invicti acquires Kondukto

Read this article

Modern AppSec KPIs: Moving from scan counts to real risk reduction

Read this article

Friends don’t let friends shift left: Shift smarter with DAST-first AppSec

Read this article

Vibe talking: Dan Murphy on the promises, pitfalls, and insecurities of vibe coding

Read this article

Strengthening enterprise application security: Invicti acquires Kondukto

Read this article

Modern AppSec KPIs: Moving from scan counts to real risk reduction

Read this article

Friends don’t let friends shift left: Shift smarter with DAST-first AppSec

Read this article

Vibe talking: Dan Murphy on the promises, pitfalls, and insecurities of vibe coding

Read this article

View all resources

Build your resistance to threats. And save hundreds of hours each month.