Detail

Certificate is Signed Using a Weak Signature Algorithm

Severity: High

Summary #

Invicti detected that a certificate is signed using a weak signature algorithm.

The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.

Impact #
Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of this vulnerability.
Remediation #
You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.
Classifications #
PCI v3.2-6.5.4; CAPEC-459; ISO27001-A.10; WASC-4; OWASP 2013-A6; OWASP 2017-A3
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

Select Category

OR

Search Vulnerability

Tags

OWASP 2013-A6  OWASP 2017-A3 

Related Vulnerabilities

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo

Invicti Security Corp
220 Industrial Blvd Ste 102
Austin, TX 78745

© Invicti 2022

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Invicti 2022

SSA Privacy Policy California Privacy Rights Terms of Use Accessibility Sitemap