SSL Certificate Signed Using Weak Hashing Algorithm

high Nessus Plugin ID 35291


An SSL certificate in the certificate chain has been signed using a weak hash algorithm.


The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.

Note that certificates in the chain that are contained in the Nessus CA database ( have been ignored.


Contact the Certificate Authority to have the SSL certificate reissued.

See Also

Plugin Details

Severity: High

ID: 35291

File Name: ssl_weak_hash.nasl

Version: 1.33

Type: remote

Family: General

Published: 1/5/2009

Updated: 12/15/2023

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 4.9


Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2004-2761


Risk Factor: High

Base Score: 7.5

Temporal Score: 6.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:ietf:md5, cpe:/a:ietf:x.509_certificate

Required KB Items: SSL/Chain/WeakHash

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 8/18/2004

Reference Information

CVE: CVE-2004-2761, CVE-2005-4900

BID: 11849, 33065

CWE: 310

CERT: 836068