Summary #

Netsparker detected that a certificate is signed using a weak signature algorithm.

The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.

Impact #
Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of this vulnerability.
Remediation #
You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.
Classifications #
PCI v3.2-, CAPEC-459, ISO27001-A.10, WASC-4, OWASP 2013-A6, OWASP 2017-A3
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities


Search Vulnerability


Dead accurate, fast & easy-to-use Web Application Security Scanner