daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

remove duplicate

patch-1
sandeep 2023-03-10 03:09:27 +05:30
parent 74dd6249f1
commit b1e0f041ba
1 changed files with 0 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ssl/mismatched-ssl.yaml
View File

@ -1,23 +0,0 @@
id: mismatched-ssl
info:
name: Mismatched SSL Certificate
author: pdteam
severity: low
description: |
Mismatched SSL vulnerability occurs when an SSL-enabled web server is configured to accept connections with both TLS and SSL protocols, allowing attackers to downgrade the security of a connection to a weaker, more vulnerable version of the protocol.
This vulnerability can be exploited to gain access to sensitive data and potentially gain control of the system.
reference: |
- https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-certificate-name-hostname-mismatch/
- https://www.tenable.com/plugins/nessus/45411
remediation: |
Ensure that all SSL certificates are issued by trusted Certificate Authorities. Check the Certificate Authorities list of the server to ensure that all SSL certificates have been issued by a trusted CA.
tags: ssl
ssl:
- address: "{{Host}}:{{Port}}"
matchers:
- type: dsl
dsl:
- "mismatched == true"