SSL Certificate Signed with the Publicly Known Cyberoam Key

This script is Copyright (C) 2012 Tenable Network Security, Inc.

Synopsis :

The SSL certificate for this service was signed by a CA whose private
key is public knowledge.

Description :

The X.509 certificate of the remote host was signed by a certificate
belonging to a Certificate Authority (CA) found in Cyberoam devices.
The private key corresponding to the CA was discovered and publicly
disclosed, meaning that the remote host's X.509 certificate cannot be

See also :

Solution :

Configure the device to use a device-specific CA certificate.

Risk factor :

Medium / CVSS Base Score : 5.8
CVSS Temporal Score : 5.5
Public Exploit Available : true

Family: General

Nessus Plugin ID: 61447 ()

Bugtraq ID: 54291

CVE ID: CVE-2012-3372