This page lists all vulnerabilities that can be detected by Invicti.
Vulnerability Name | Classifications | Severity |
---|---|---|
OpenSSL Heartbleed | PCI v3.2-6.5.2; CAPEC-216; CWE-119; ISO27001-A.14.2.5; OWASP 2013-A6; OWASP 2017-A9 | Critical |
Insecure Transportation Security Protocol Supported (SSLv2) | PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 | High |
Insecure Transportation Security Protocol Supported (SSLv3) | PCI v3.2-6.5.4; CAPEC-217; CWE-326; HIPAA-164.306; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 | Medium |
Invalid SSL Certificate | PCI v3.2-6.5.4; CAPEC-459; CWE-295; ISO27001-A.14.1.3; WASC-4; OWASP 2013-A6; OWASP 2017-A3 | Medium |
Version Disclosure (mod_ssl) | CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP PC-N/A; OWASP 2013-A5; OWASP 2017-A6 | Low |
Version Disclosure (OpenSSL) | CAPEC-170; CWE-205; HIPAA-164.306(a), 164.308(a); ISO27001-A.18.1.3; WASC-13; OWASP 2013-A5; OWASP 2017-A6 | Low |
Out-of-date Version (OpenSSL) | PCI v3.2-6.2; CAPEC-310; CWE-1035, 937; HIPAA-164.308(a)(1)(i); ISO27001-A.14.1.2; OWASP PC-C1; OWASP 2013-A9; OWASP 2017-A9 | Information |