Hardcoded SSL Certificate Detection

Info Nessus Network Monitor Plugin ID 7280

Synopsis

A hardcoded, non-unique X.509 certificate has been detected.

Description

The remote host is using a hardcoded, non-unique X.509 certificate. This may allow a remote, unauthenticated attacker to carry out impersonation, man-in-the-middle, or passive decryption attacks, resulting in sensitive information exposure.

Solution

Where possible, users of affected devices should manually replace X.509 certificates so that they are unique to the device.

Plugin Details

Severity: Info

ID: 7280

File Name: 7280.pasl

Version: 1.0

Family: Generic

Published: 2017/08/20

Modified: 2017/08/20

Risk Information

Risk Factor: Info