SSL Self-Signed Certificate

medium Nessus Plugin ID 57582
Synopsis

The SSL certificate chain for this service ends in an unrecognized self-signed certificate.

Description

The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

Note that this plugin does not check for certificate chains that end in a certificate that is not self-signed, but is signed by an unrecognized certificate authority.
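
When triaging this finding, the distinction drawn above can be reproduced with `openssl verify`: error numbers 18 and 19 mean an untrusted self-signed certificate ends the chain, while 2 and 20 mean the issuer could not be found. This is an added example, not the plugin's code; the function names and sample certificates are constructed for illustration, and the local OpenSSL default trust store is assumed to stand in for the set of recognized CAs.

```shell
#!/bin/sh
# Added example, not plugin code. All certificates are constructed locally.

# Print the first OpenSSL verify error number (0 if the chain verified).
# $1 = leaf PEM, $2 = optional PEM of the other certificates the server sent.
first_verify_error() {
    if [ -n "${2:-}" ]; then
        out=$(openssl verify -untrusted "$2" "$1" 2>&1) || true
    else
        out=$(openssl verify "$1" 2>&1) || true
    fi
    num=$(printf '%s\n' "$out" | sed -n 's/^error \([0-9][0-9]*\) at .*/\1/p' | head -n 1)
    if [ -n "$num" ]; then echo "$num"; return; fi
    case "$out" in *": OK"*) echo 0 ;; *) echo unknown ;; esac
}

# Map the error to the two cases the plugin description separates.
classify_chain() {
    case "$(first_verify_error "$@")" in
        18|19) echo "self-signed" ;;     # untrusted self-signed cert ends the chain
        2|20)  echo "unknown-issuer" ;;  # top cert is signed by a CA we cannot find
        0)     echo "trusted" ;;
        *)     echo "other" ;;
    esac
}

# Build constructed samples in directory $1: a self-signed leaf, a private
# root CA, and a leaf signed by that CA.
make_samples() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=selfsigned.example" \
        -keyout "$1/self.key" -out "$1/self.pem" 2>/dev/null
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Constructed Private CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    openssl req -newkey rsa:2048 -nodes -subj "/CN=leaf.example" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/leaf.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
make_samples "$demo_dir"
echo "self-signed leaf:        $(classify_chain "$demo_dir/self.pem")"
echo "leaf + private root:     $(classify_chain "$demo_dir/leaf.pem" "$demo_dir/ca.pem")"
echo "leaf only, root missing: $(classify_chain "$demo_dir/leaf.pem")"
```

The third case is the one the note above says this plugin does not report: the chain as presented does not end in a self-signed certificate, yet it is still untrusted.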

Solution

Purchase or generate a proper SSL certificate for this service.

Plugin Details

Severity: Medium

ID: 57582

File Name: ssl_self_signed_certificate.nasl

Version: 1.5

Type: remote

Family: General

Published: 1/17/2012

Updated: 4/27/2020

Dependencies: ssl_certificate_chain.nasl

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Vulnerability Information

Required KB Items: SSL/Chain/SelfSigned