This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.
The remote service is using a well-known SSL certificate whose private
key has been published.
The X.509 certificate of the remote host is known to be shipping by
default with the remote service / device. The private key for this
cert has been published, therefore the SSL communications done with
the remote host can not be considered as being secret as anyone with
the ability to snoop the traffic between the remote host and the
clients could decipher the traffic.
See also :
Purchase or generate a proper certificate for this service and
replace it, or ask your vendor for a way to do so.
Risk factor :
Medium / CVSS Base Score : 5.8
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now