Revoked SSL Certificate
Summary#
Invicti detected a revoked SSL certificate. Certificate revocation is a process of invalidating an issued SSL certificate. Sometimes a Certificate Authority may revoke an SSL certificate if, for example, a domain is suspected of phishing/malware/etc, if the certificate owner has violated the terms and conditions, or if a certificate was wrongfully issued.
Impact#
It can impact both website and the users:
- Warning error messages displayed by browsers when visiting the site
- Personal information at risk from man-in-the-middle attacks
- Reduction in trust as the site becomes insecure
- Ability for an attacker to create identical phishing website
Remediation#
The process of reissuing revoked SSL certificates varies depending on the host or the certificate authority used. Please refer to the corresponding documentation.
Classifications#
Vulnerability Index
You can search and find all vulnerabilities
Select Category
OR
Search Vulnerability
Related Vulnerabilities