This page lists all vulnerabilities that can be detected by Netsparker.
Vulnerability Name | Classifications | Severity |
---|---|---|
OpenSSL Heartbleed | PCI v3.2-, CAPEC-216, CWE-119, ISO27001-A.14.2.5, OWASP 2013-A6, OWASP 2017-A9 | Critical |
Insecure Transportation Security Protocol Supported (SSLv2) | PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 | High |
Insecure Transportation Security Protocol Supported (SSLv3) | PCI v3.2-, CAPEC-217, CWE-326, HIPAA-326, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 | Medium |
Invalid SSL Certificate | PCI v3.2-, CAPEC-459, CWE-295, ISO27001-A.14.1.3, WASC-4, OWASP 2013-A6, OWASP 2017-A3 | Medium |
Version Disclosure (mod_ssl) | CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 | Low |
Version Disclosure (OpenSSL) | CAPEC-170, CWE-205, HIPAA-205, ISO27001-A.18.1.3, WASC-45, OWASP 2013-A5, OWASP 2017-A6 | Low |
Out-of-date Version (OpenSSL) | PCI v3.2-, CAPEC-310, CWE-829, HIPAA-829, ISO27001-A.14.1.2, OWASP PC-C1, OWASP 2013-A9, OWASP 2017-A9 | Information |