SSL Self-Signed Certificate

medium Nessus Plugin ID 57582

Synopsis

The SSL certificate chain for this service ends in an unrecognized self-signed certificate.

Description

The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.

Solution

Purchase or generate a proper SSL certificate for this service.

Plugin Details

Severity: Medium

ID: 57582

File Name: ssl_self_signed_certificate.nasl

Version: 1.5

Type: remote

Family: General

Published: 1/17/2012

Updated: 4/27/2020

Dependencies: ssl_certificate_chain.nasl

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.4

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Information

Required KB Items: SSL/Chain/SelfSigned