12053: SSL Server Outdated Certificate Vulnerability

SSL Server Outdated Certificate Vulnerability

General Info

	TC:	12053
	Description:	SSL is a network layer that allows privacy in communications. Servers supporting SSL should use valid certificates. Your server is using an out of date certificate.
	TC Impact:	Gather Info

Specific Operations and Actions:

	Vulnerability Publication:	N.A.
	Advisory Copyright:	N.A.
	Summary:	Your server is using an out of date certificate.
	Risk:	Medium
	CVSS 2.0 metrics:	Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
	CVSS 2.0 Base Score:	4.3

	Vulnerability Impact:	Gather Info

	Host Impact:	Social engineering attacks could be launched.
	Nature of Remediation:	Change the configuration.

	Step required to fix the reported vulnerability:
	*** Solution type: Update Configuration *** Configure the service so that it uses a new valid certificate.

Glossary and References :

	References:
	* MISC: About the risk of using invalid certificates: http://www.rsasecurity.com/products/keon/datasheets/KWS_DS_0702.pdf

	CVE Link:	GENERIC-MAP-NOMATCH

	Glossary:	Social Engineering SSL TLS

© 2003-2010 NexantiS Corporation (www.securescout.com)
SecureScout is a trademark of NexantiS
All Rights Reserved
All products names referenced herein are trademarks of their respective companies

SecureScout products are certified:
CVE Compatible
SANS TOP 20 Compatible
CVSS Compatible (Common Vulnerability Scoring System)