S3 Vulnerability Analysis RemPlan v2

Remediation Status Comments Asset IP Address
Can S3 provide details of the web server reply? There is no SQL DB

Open Item behind this URL. Login is processed by Auth0. 13.89.172.17
Site uses a wildcard cert for *.truespot.com. See Screens tab for
Open Item capture. 13.84.181.47
Code updated to remove the application routing for the ASP.NET

Open Item framework page and changed most errors to generic 500 return codes. 13.84.181.47









Updated web.Config to set HttpOnly=true and httpCookies

requireSSL=true parameters. See screen capture. All affected
Open Item applications TBD 23 August. 13.84.181.47
























Open Item New site launch - rescan after 12 August 157.245.241.189







Added custom header X-Frame-Options value="DENY" to web.Config

Open Item file. To be propagated to all affected applications by 23 August. 13.84.181.47



























157.245.241.189
Passing Vulnerability 13.84.181.47



Asset Names Asset MAC Address Asset OS Name Asset OS Version Vulnerability CVSS
zz-dev-admin.truespot.com Microsoft Windows 9
recon.truespot.com Microsoft Windows 7.1
rtls.truespot.com Microsoft Windows 7.1
adminapi.truespot.com 7.1
lm360.truespot.com Microsoft Windows 7.1
betaadmin.truespot.com Microsoft Windows 7.1
dealer.truespot.com Microsoft Windows 7.1
auth.truespot.com Microsoft Windows 7.1
valuecalc.truespot.com Microsoft Windows 7.1
admin.truespot.com Microsoft Windows 7.1
betaadminapi.truespot.com Microsoft Windows 7.1
zz-env-dev-recon.truespot.com Microsoft Windows 7.1
zz-dev-dealer.truespot.com Microsoft Windows 7.1
zz-dev-admin.truespot.com Microsoft Windows 7.1
www.truespot.com Debian Linux 9 7.1
dealerapi.truespot.com Microsoft Windows 7.1
betaadminapi.truespot.com Microsoft Windows 5

recon.truespot.com Microsoft Windows 5
lm360.truespot.com Microsoft Windows 5
betaadmin.truespot.com Microsoft Windows 5
dealer.truespot.com Microsoft Windows 5
valuecalc.truespot.com Microsoft Windows 5
admin.truespot.com Microsoft Windows 5

betaadmin.truespot.com Microsoft Windows 5
zz-env-dev-recon.truespot.com Microsoft Windows 5
lotmgmt-d-us-c-web.azurewebsites.net Microsoft Windows 5
zz-dev-dealer.truespot.com Microsoft Windows 5
devmoloadmin.azurewebsites.net Microsoft Windows 5
zz-env-dev-recon.truespot.com Microsoft Windows 5
lotmgmt-d-us-c-web.azurewebsites.net Microsoft Windows 5
zz-dev-dealer.truespot.com Microsoft Windows 5

devmoloadmin.azurewebsites.net Microsoft Windows 5
www.truespot.com Debian Linux 9 5
dealerapi.truespot.com Microsoft Windows 5

lotmgmt-d-us-c-web.azurewebsites.net Microsoft Windows 4.3

devmoloadmin.azurewebsites.net Microsoft Windows 4.3



match
example,
e.com/",
In
The
of order the
subject to
a certificate inactual
the aCN
detect
common
must *** Subject
specified
*.sso.azurewebsites.
does Subject
not Alternative
inCNthe site.
match DNS
name
importance
check
name
Blind of
in-the-middle
Before the
of
Certification
SQL
procedures the
issuing
the isentity
attack
identity a of
the
entity
Practice
Injection
require Name
specified
DNS
*.scm.azurewebsites.
Name
behaves
match Subject
name inAlternative
*.azure-the site.
specified
differently
target name
name
should
and
name
be of
certificate be
prevent
(CN)
verified, the orentity
presented
active
field in
else Name
net
*.azurewebsites.net
*
name does*.scm.azure-
Subject not match
Alternative
specified innot
the
presenting
and
the gain
certificate,
validity
entity
(hostname).
Statement
attack
the of
more
subject full
a
thethecontrol
requesting
(CPS).
CNdifficult
field Fix
The the subject's
subject's *.azurewebsites.net
Name
in
net
mobile.net
*
with
specified the site.
does
Subject
the not match
does
Alternative
following
in the site.
presenting
by
"www.example.com".
eavesdropping
the
an X.509
attacker the
certificate
could mobile.net
* Subject
target
could
Name
site. name
not be does not
Alternative
certificate.
of the
subject's
the
Thus, data
Certification
certificate,
butanot
of standardCN, stream.
impossible.
certificate that
as
to Common
common Name
name (CN)
(CN) does
*
target
match
Name
payloads: not
Subject
name
DNS match
Alternative
*.azure-name
certificate.
"https://www.exampl
attacks,
does
then not
launch the For
match validity
a the the
man- match
Name
specified
resolved
*.azurewebsites.net target anname
inAlternative
to the site.
IP
Of
A
An CN
matchparticular
Authority
should
specified match
mismatch
certificate
attacker
the (CA)
in the must
validation
can
actual CA's
most
still field in the certificate
X.509 target
net
Name
** Subject
specified
mobile.net name
does
Subject not
in match
the
does site.
not
Alternative
example,
e.com/",
In
The
of
nameorder
a subject to
certificate
of
in-the-middle in
the
the aCN
detect
common
must
entity
attack specified
address
does* not
Subject in
via the
DNS
match site.
DNS
Alternative
Before
importance
check
name
often
retrieve
name issuing
the
of
Certification
occurs
proceduresof the
valuable
the is
identity
duea
the
entity
Practice
require
entity of
to a certificate
Fix Blind should
SQL be specified
DNS
Name
match
Name* name in
*.azure-
target
ADw-script the site.
specified
name
AD4-
*.scm.azure-
certificate
should
and
name
be
presenting
and be
prevent
(CN)
verified,
gain presented
oractive
field
the in
else net * Subject
lookup
name does not
specified match
Alternative
innot
the
certificate,
validity
the entity
(hostname).
Statement offull
configuration
the subject
information
presenting a
the control
requesting
(CPS).
CN
and
the error,
field Fix
Thethe
fixed to subject's
subject's
Injection reflect the Name
in
net
mobile.net
** Subject
specified
alert(42)
mobile.net the site.
does not match
does
inAlternative
the site.
ADw-/script
does not
by
"www.example.com".
eavesdropping
the
an X.509
attacker
certificate.
of the data certificate
could
stream. target
Name
site.
*.scm.azurewebsites. Subject
name Alternative
Certification
subject's
the
Thus,
though
of certificate,
standardCN,
it can
a certificate
potentially
certificate. that
as
also
execute
For to Common
common Name
name
name of the entity (CN)
(CN) Name
AD4-
match*
target
match Subject
name
ORDNS Alternative
*.azure-name
*.scm.azure-
target name
"https://www.exampl
attacks,
does
then
Of not
launch
particular the
match validity
aathe the
man- Name
specified
*.azurewebsites.net
net ** Subject does notinAlternative
the site.
match
Authority
should
specified
A CN
certificate
indicate
match
operating
example, match
mismatch
the (CA)
in
that the must
validation
inactual
system CA's
most
man-
aentity field in the certificate
presenting X.509
the Name * Subject
specified
mobile.net
16818=16818
specified Subject inAlternative
in the
the site.
does not
Alternative
site.
e.com/",
In
of
nameorder
a
Before
importanceof
in-the-middle the
to
certificate
the
issuing isCN
detect must
attack
a to
the *.sso.azurewebsites.
does
Name
DNS * not
Subject
name match DNS
Alternative
specified
check
name the
of
Certification
often occurs theidentity
entity
Practice
due ofa certificate should be *.scm.azurewebsites.
Name *.azure-
Vulnerability Title procedures
in-the-middle
name
commands
should
and
be
and
of
certificate
Vulnerability
be
prevent
verified,
presenting
gain
certificate,
the
full
a
require
by attack
entity
asking
presented
Descrip
active
orcontrol
the else Vulnerability Test Ensure (e.g.,
that
ReVulnerability the the
Web match
Name
SolutioVulnerability
net
name *
*.azurewebsites.net
Name doestarget
DNS
Subject not
specified
name
name
*.scm.azure-
Proof
match
Alternative
innot
the
validity
the
the
is entity
(hostname).
Statement ofconducted.
configuration
subject
being
presenting
a series the
ofrequesting
(CPS).
CN
the
True error,
field
and Fix
Thethe
fixed to subject's
subject's
hostname).reflect
application theis
This
validates in
net
mobile.net
** Subject
specified
does not
ADw-script match
does
inAlternative
the
does site.
AD4- not
by
"www.example.com".
eavesdropping
an attacker
certificate.
of the data could
stream. target
Name
site.
does
name
not Alternative
match
Certification
subject's
the
Thus,
though
of a certificate,
standard
it
certificateCN,
can that
as
also
to Common
common
name
done of Name
name
the entity
by generating (CN)
(CN) target
match
Name name
DNS
*.azure-name
*.scm.azure-
certificate.
False
attacks,
then questions
"https://www.exampl
launch the Forvalidity
aathe
man- and encodes user a *.azurewebsites.net
match
alert(42)
Name
specified
target
target
name
name
ADw-/script
inAlternative
the site.
Of particular
Authority
should
specified match (CA)
in the must
CA's certificate net ** Subject does not match
A CN
match
Please
example,
through
e.com/",
In
of order
a
Before
mismatch
certificate
indicate the that
note
SQL
the
to
certificate
in-the-middle
issuing
validation
inactual
CN
detect
most
man-
athat
mustthis
attack
a
field
inputin
presenting
new before using it specified
the X.509
the
certificate mobile.net
specified
AD4-
does *
specified
Subject
AND
not
Subject
in the
the site.
does
match
in
not
inAlternative
site.
DNS
Alternative
the site.
importance
check
name the
of
Certification
often occurs the is the
identity
entity
Practice
due a toofa should be DNS
Name name specified
*.azure-
Blind SQL Injection procedures
in-the-middle
name
check
should
and
be
and
of
may
certificate
statements. be
prevent
verified,
gain
certificate,
the
full
a
require
or
attack
entity
flag
presented
active
else
control Vulnerable certificate
usually
in a SQL (e.g.,
signed
query. by a match
the Name
16818=16819
net
name
Name * doestarget
DNS
Subject not
specified
name
name
*.scm.azure-
match
Alternative
in the
validity
the
the
is entity
(hostname).
configuration
subject
being
presenting
false positive the
requesting
(CPS).
CN
the error,
field
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This in
mobile.net
** Subject
specified
mobile.net
*.sso.azurewebsites. the site.inAlternative
does not
the site.
does not
by
"www.example.com".
eavesdropping
an
of attacker
the data could
stream. target
Name
site.
name Alternative
Certification
subject's
the acertificate,
Thus,
though
of standardCN,
itthat
certificate
certificate. canFor that
as
also
to Common
common
name
done Name
name
of generating
by the entity(CN)
(CN)a Name
match
match * Subject
DNS Alternative
*.azure-name
*.scm.azure-
target name
servers
"https://www.exampl
attacks,
then launch the are
validity
a man- Authority (CA) net
Name
specified
*.azurewebsites.net does not match
inAlternative
the site.
Of particular
Authority
should
specified
A CN
certificate
indicate
match
Please match
mismatch
the (CA)
in
that
note the must
athe
validation
actual CA's
most
man-
that this field in the
presenting
new the the Name
certificate
X.509
certificate net
specified** Subject
mobile.net does not
Subject in match
the
does site.
not
Alternative
example,
properly
e.com/",
In
of order
a
in-the-middle to
certificate in
the a
configured
CN
detect must
attack trusted by both specified
DNS
does * name
not
Subject in the
match site.
specified
DNS
Alternative
importance
check
name
proceduresthe
of
Certification
often occurs
in-the-middle
name
check of
may the
the is the
identity
entity
Practice
due
require
attack
entity
flag a of
to a certificate
usually should
(e.g.,
signed by be
the
a DNS
Name
The
match
Name name
target
DNS specified
*.azure-
subject common
name
name
*.scm.azure-
certificate
X.509 Certificate Sub should
using
and
be
and SNI.
be
prevent
verified,
gain presented
full oractive
else
control Vulnerable client and server. in
net
name
Name * Subject the site.
does not match
Alternative
specified innot
the
validity
the
the
is entity
(hostname).
configuration
subject
being
presenting
false positive the
requesting
(CPS).
CN
the error,
field
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This in
net
mobile.net
name
specified
mobile.net** Subject
*.sso.azurewebsites. the site.
does
foundnot match
does
in the
inAlternative
the
does site.
not
by
"www.example.com".
eavesdropping
an
of attacker
the data could
stream. target
Name
site.
name Alternative
subject's
the
Thus,
though
of certificate,
standard
a certificate
certificate.
servers CN,
itthat
canFor that
as
also
areto Common
common
name
done Name
name
of generating
by
Authority the
(CA) (CN)
(CN) target
match
X.509
entity a Name
Name
match
net name
doesDNS name
certificate
*.scm.azure-
target
not name
match
"https://www.exampl
attacks,
then
Of launch
particular the validity
a man- specified
*.azurewebsites.net inAlternative
the site.
should
specified
A CN
match
Please
example,
properly
e.com/",
In order
match
mismatch
certificate
indicate the
note in
that
in athe
the
validation
actual
athat
configured
the
to CN
detect
CA's
most
man-this field
new in the
presenting the the net
certificate
X.509
certificate
trusted by both specified
does
mobile.net
specified
DNS ** Subject
does
not not
Subject
name in
seem
in
match
the
does
the site.
to not
Alternative
site.
specified
of
namea
often certificate
in-the-middle
importanceof
Certification
occurs the is must
attack
the
entity
Practice
due to a certificate should be does
DNS
Name * not
Subject
name match DNS
Alternative
specified
*.azure-
X.509 Certificate Sub procedures
in-the-middle
name
check
should
and
be
and
of
may
certificate
using SNI.
be
prevent
verified,
gain
the
full
require
attack
entity
flag
presented a
oractive
else
control Vulnerable usually
client and (e.g.,
signed by
server. the
a match
Name
in
net
name
Name * Subject the the
DNS
site.
does scan
not name
*.scm.azure-
match
Alternative
specified innot
the
validity
(hostname).
Statement
the
is ofconducted.
configuration
subject
being
presenting
false positive the
(CPS).
CN
the error,
field
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This in
mobile.net
target:
specified
mobile.net ** Subject
*.sso.azurewebsites. the site. does
inAlternative
the site.
does not
by
"www.example.com".
eavesdropping
an
of attacker
the data could
stream. target
Name
site.
name Alternative
subject's
Thus,
though
of standard
it
a certificate CN,
can that
also
to Common
common
name of Name
name
the entity(CN)
(CN) match
Name * Subject DNS
*.azure-name
*.scm.azure-
certificate.
servers theFor
that
"https://www.exampl
attacks,
then
Of launch
particular
are
validity
a man-
done by generating
Authority (CA) a Name
match
net
specified
*.azurewebsites.net does inCN
target
not name
match
the site.
should
A CN
certificate
indicate
match
Please
example,
properly
e.com/",
In order
match
mismatch
the that
note in athe
validation
actual
athat
configured
the
to CN
detect
most
man-this field
new in the
certificate
X.509
certificate
mobile.net ** Subject
*.cloudwaysapps.co
specified
DNS
does not
Subject
name in
match
inAlternative
the
does site.
not
Alternative
the site.
specified
of
namea
often certificate
in-the-middle
importanceof
occurs the is must
attack
the
entity
due to a Vulnerable should be does
DNS
Name * not
Subject
name match DNS
Alternative
specified
*.azure-
X.509 Certificate Sub procedures
in-the-middle
name
check
using
should
and
be
and
of
may
certificate
SNI.
be
prevent
verified,
gain
the
full
require
attack
entity
flag
presented a
active
orcontrol
else
certificate
usually
client and (e.g.,
signed by
server. the
a match
m
Name
in
net
name
Name * does
the target
DNS
not
site.
does
Subject not name
name
match
match
Alternative
specified innot
the
validity
(hostname). ofconducted.
configuration the error, Fix
Thethe
fixed to subject's
subject's
reflect theis in
mobile.net the site. does
the
is
by
an
of
subject
being
presenting
false positive
"www.example.com".
eavesdropping
attacker
the data
CN
the field
against
could
stream.
hostname).
Certification This specified
target ** Subject
target
Name
site.
Subject
name
name Alternative
inAlternative
the site.
subject's
though
of a it
certificate
certificate. CN,
can that
also
to Common
common
name
done of
by Name
name
the entity
generating (CN)
(CN) a match
Name DNS name
*.scm.azure-
servers
attacks,
then
Of launch
particular theFor
that
"https://www.exampl are
validity
a man- Authority (CA) specified
net does not
Name
specified
*.azurewebsites.net in the
in the site.
match
site.
should
A CN
indicate
match
Please
example,
properly
e.com/",
In order
match
mismatch
the that
note athe
inactual
athat
configured
the
to CN
detect
most
man-this field
new in the
certificate
X.509
certificate
mobile.net
DNS ** Subject
does not
Subject
name
match
inAlternative
the
does site.
not
Alternative
specified
of
namea
often certificate
in-the-middle
importanceof
occurs the is must
attack
the
entity
DNS
Name * not
Subject
name match DNS
Alternative
specified
*.azure-
in-the-middle
name
check
X.509 Certificate Sub and
using
should of
may
certificate
SNI.
be
prevent the flag attack
entity
presented a
active Vulnerable usually
client and (e.g.,
signed by
server. the
a match
Name
in
net *
* DNS
Subject
the site.
does
Subject CN
not name
*.scm.azure-
match
Alternative
be
and verified,
gain
validity
(hostname).
configuration full or
ofconducted.
the else
control
error, Fix
Thethe
fixed to subject's
subject's
reflect theis name
Name
in
mobile.net * Subject specified in
the site.inAlternative
does the
not
is being
presenting
false
by positive
"www.example.com".
eavesdropping the against hostname).
mobile.net
*.cloudwaysapps.co
target
Name namedoes the site.
not
an
of attacker
the
subject's
though data CN,
itthat could
stream.
canare that
also Common
common
name Name
name (CN) site.
(CN)a match
of generating
the entity match
Name DNS name
*.scm.azure-
certificate.
servers theFor
"https://www.exampl done by
Authority (CA) net
m does
does target
not name
match
attacks,
then
Of
A CN
indicate
Please
launch
particular
should match
mismatch
that
note
validity
aathe
man-
most
man-
presenting
new the the net
certificate
X.509
certificate
specified
*.azurewebsites.net
specified
mobile.net ** Subject doesnot
Subject not
in
match
inAlternative
the
the
does
site.
match
site.
not
Alternative
example,
properly
e.com/",
In
of order
a
in-the-middle to
certificate in a
configured
the CN
detect must
attack trusted by both specified
DNS
does * name
not
Subject in the site.
specified
match DNS
Alternative
importance
name
often of
occurs
in-the-middle
check may the is
flag the
entity
due
attack
a to a certificate
usually should
(e.g.,
signed by be
the
a DNS
Name
match
Name name
DNS specified
*.azure-name
X.509 Certificate Sub certificate
using
should
and
be
and SNI.
be
prevent
verified,
gain presented
full oractive
else
control Vulnerable client and server. in
name
Name * Subjectthe site. Alternative
specified innot
the
validity
(hostname). ofconducted.
configuration the error, Fix
Thethe
fixed to subject's
subject's
reflect theis in
** Subject does
is being
false
by positive
"www.example.com".
eavesdropping
an
of attacker
the data
against
could
stream.
hostname).
Name
site.
*.scm.azurewebsites. SubjectinAlternative
the site.
Alternative
subject's
though itthat
servers CN,
canare that
also Common
common
name
done by Name
name
of generating
Authority the
(CA) (CN)
(CN) match
entity a Name
Name
net doesDNS name
*.scm.azure-
not match
"https://www.exampl
attacks,
then
Of launch
particular the validity
aathe
man- ** Subject
*.azurewebsites.net CN
should
A CN
indicate
Please
properly
e.com/",
In order
match
mismatch
that
notethe
to that
configured
CN
detect
most
man-this field
new in the
certificate
X.509
certificate
mobile.net
DNS * Subject
*.cloudwaysapps.co
does not
Subject
name
match
Alternative
inAlternative
the
does site.
specifiednot
of
namea
often certificate
in-the-middle
importanceof
occurs the is must
attack
the
entity
DNS
Name * not
Subject
name match DNS
Alternative
specified
*.azure-
in-the-middle
check
X.509 Certificate Sub should
using
and may
SNI.
be
prevent flag attack
a Vulnerable usually
client and (e.g.,
signed by
server. the
a match
Name
in
net the DNS
site.
does not name
match
be
and verified,
gain
validity
(hostname). full oractive
ofconducted.
configuration the else
control
error, Fix
Thethe
fixed to subject's
subject's
reflect theis
m
name
Name
in
mobile.net could
the
* Subject
notdoes
specified
site. be innotthe
is being
false positive
"www.example.com".
eavesdropping against hostname).
target
resolved name inAlternative
to theIP
an site.
an attacker
of the
subject's
though data
it CN,
can could
stream.
that
also Common
common
name of Name
name
the (CN)
(CN)
entity site.
match
Name DNS name
*.scm.azure-
servers
attacks, that are
the validity done by generating
Authority (CA) a specified
net
address doesvia not match
inAlternative
the
DNS site.
then
Of
should
A CN
indicatelaunch
particular
match
mismatch
that a man-
athe most
man- field in the
certificate
X.509 specified
mobile.net does not
** Subject match
inAlternative
the
does site.
not
Please
properly
In
of order
a note
to
certificate that
configured
detect mustthis new certificate
trusted by both DNS
lookup Subject
name specified
in-the-middle
importance attack
isentity
the DNS * Subject
name Alternative
specified
X.509 Certificate Sub name
often
using
and
be
and
of
occurs
in-the-middle
check may
SNI.
prevent
verified,
gain
theflag
full
due
attack
a
active
orcontrol
else
to a Vulnerable certificate
usually
client and should
(e.g.,
signed by
server. be
the
a Name
match
Name
in
Name * the *.azure-
DNS
site.
Subject name
Alternative
validity
(hostname).
is being
false ofconducted.
configuration
positive the error,
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This in
mobile.net
specified
*.sso.azurewebsites. the site.inAlternative
* Subject does not
the site.
eavesdropping
an
of attacker
the
subject's data CN, could
stream.
that Common
common Name
name (CN)
(CN) Name
match * Subject DNS Alternative
name
though
servers it
thatcan also
are name
done of
by the entity
generating
Authority (CA) a Name
net does not match *.scm.azure-
attacks,
then launch the validity
a man- *.azurewebsites.net
Of
A CNparticular
should
indicate
Please
properly match
mismatch
that
note athe
configured most
man-
presenting
new the the Name
certificate
X.509
certificate
trusted by both
net
specified
mobile.net
DNS
does not
** Subject
Subject
name
match
inAlternative
the
does site.
not
Alternative
specified
of
namea
often certificate
in-the-middle
importanceof
occurs the is must
attack
the
entity
*.cloudwaysapps.co
DNS
Name not
name match DNS
specified
*.azure-
in-the-middle
check
X.509 Certificate Sub be
using may
SNI. flag attack
client and (e.g.,
signed by
server. the
a match
Name
in the DNS
site. name
and verified,
gain
validity
(hostname).
configuration full or else
thecontrol
ofconducted. error, Fix
Thethe
fixed to subject's
subject's
reflect theis name
m
in
mobile.net does
the
* Subject specified
not
site. match
does in the
not
is being
false positive against hostname).
*.sso.azurewebsites. inAlternative
the site.
an
of attacker
the
subject's data CN, could
stream.
that Common
common Name
name (CN) site.
target
(CN)a net
match name
DNS
though itthat
servers
then launch
canare also
aathe
man-
nameby
done of generating
Authority the
(CA)entity Name does notname
*.scm.azure-
match
Of
A CNparticular
should
indicate
Please match
mismatch
that
note most
man-
presenting
new certificate
X.509
certificate specified
specified
the the mobile.net ** Subject
Subject in the
the site.
inAlternative
does site.
not
Alternative
properly
in-the-middle configuredattack trusted by both DNS
**Running name
Subject specified
HTTPS
Alternative
importance isentity
the
often
check
using
and
of
occurs
in-the-middle
may
SNI.
gain
theflag
full
due a to a Vulnerable
attack certificate
usually
client should
(e.g.,
signed
and by
server. a Name
be
the match
Name
in
service the *.azure-
DNS
site. name
validity
(hostname).
configuration
is being
false positive thecontrol
ofconducted. error,
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This Name
mobile.net
specified
*.sso.azurewebsites. ** Subject
SubjectinAlternative
does not
Alternative
the site.
of the
subject's data CN, stream.
that Common
common entity a *.scm.azurewebsites.
Name
name (CN)
(CN) Name
match DNS
though
servers itthat canare also name
done of generating
by
Authority the
(CA) Name
net does notname
*.scm.azure-
match
Of
A CNparticular
should
indicate
Please match
mismatch
that
note athe most
man-
presenting
new the the net
certificate
X.509
certificate cloudwaysapps.com
specified
mobile.net does not
* Subject match
inAlternative
the
does site.
not
properly configured trusted by both DNS name specified
importance
name
often of
occurs the is the
entity
due to a certificate should be DNS
does name
not specified
match
X.509 Certificate Sub in-the-middle
check
using SNI.may flag attack
client and (e.g.,
signed by
server. the
a match
Name
in
HTTP the DNS name
site.
request
validity
(hostname).
is being
false ofconducted.
configuration
positive the error,
against Fix
Thethe
fixed to subject's
subject's
hostname).reflect
Certification theis
This in
target
specified
*.sso.azurewebsites. the site.
name
* Subject thetosite.
inAlternative
subject's
though it CN,
can that
also Common
common
name
done of Name
name
the entity
by generating (CN)
(CN) https://betaadminapi.
a net does notthe
specified
Name in
*.scm.azure- site.
servers that are Authority (CA) match
should
A
Please
properly match
CN mismatch
indicate that
note athe
that
configured most
man-this field in the
presenting
new the the truespot.com/"<script
certificate
X.509
certificate
trusted by both mobile.net
DNS ** Subject
nameAlternative
Subject does not
Alternative
specified
often
check of
using occurs
in-the-middle
may
SNI. theflag entity
due a to a Vulnerable
attack certificate
usually
client and should
(e.g.,
signed by
server. a >TestScriptValueHer
be
the Name
match
Name
in *.azure-
* Subject
DNS
the site. Alternative
name
(hostname).
configuration
is being
false conducted.
positive error,
against The subject's
fixed to reflect
hostname).
Certification theis
This e</script>"
mobile.net
Name
specified
*.sso.azurewebsites. indoes not
the site.
though it
servers that are can also common
name
done of
by name
the (CN)
entity
generating
Authority (CA) a match
*.cloudwaysapps.co
net does not match DNS name
A CN mismatch
indicate
Please
properly that
note a man-
that
configured most
this field
new in the
presenting the the 82:
X.509
certificate
m
DNS [HttpException]:
does
* Subject
name inAlternative
not the site.
match
specified
often
check occurs
in-the-middle
X.509 Certificate Sub using SNI.may flagdue
attack
a to a Vulnerable Disable
certificate
usually detailed
should
(e.g.,
signed
client and server. by be
the
a A
DNS
Name
in the site. potentially
name specified
configuration
is being
false conducted.
positive error,
against ASP.NET
fixed
hostname).
Certificationerror
to reflect theis
This dangerous
in
*.sso.azurewebsites. * Subject
the site.Alternative
though
servers itthat canare also reporting
name
done in IIS
entity a Request.Path
of generating
by
Authority the
(CA) Name
net does value
*.scm.azure-
not match
indicate
Please
properlynote that a man-
that
configured this presenting
new the the was
certificate
trusted by both mobile.net
DNS det...
name83:
* Subject doesat not
Alternative
specified
X.509 Certificate Sub in-the-middle
check
using SNI.may flag attack
a Vulnerable certificate
usually
client and (e.g.,
signed by
server. a System.Web.HttpRe
the match
Name
in the site. DNS name
is being
false conducted.
positive against Follow Microsoft's
hostname).
Certification This is quest.ValidateInputIf
specified
cloudwaysapps.com in the site.
servers that are detailed
done by instructions
Authority generating
(CA) a RequiredByConfig()
does not match DNS
Please
properlynote that this
configured in
newknowledgebase
by both the 84:
certificate
trusted name at specified
* Subject Alternative
in the
X.509 Certificate Sub check
using SNI.may flag a Vulnerable article
usually 306355
client andsigned by a System.Web.HttpAp
server. Name
site.
false positive against (http://support.micros
Certification plication.PipelineSte
servers that are oft.com/kb/306355)
Authority (CA) pManager.ValidateH
net does not match
properly configured to disable
trusted by detailed
both the elper...
DNS name 85: --><!--
ASP.NET
level *asRunning HTTPS
ASP.NET Detailed ErrA detailed ASP.NET erVulnerable level Web.config
ASP.NET error file.
Web.config file. spot.com/<script>xss
72:
is...
service
HttpOnly:
This error page
Set-Cookie:
messages using HTTP
might contain to
request
</script>.aspx
'SameSite=None;
For
You each
may cookie
also error
<name>=<value>[;
either custom sent https://recon.truespot
path=/;
sensitive secure;
information
over
consider
pages SSL in your
or using
<Max-Age>=<age>]
the root- .com/exchange/defa
Cookie isASP.NET
not marked
domain=dealerapi.tru
because
web-site,
Microsoft's add thefile. ult.asp *
as Running
secure: HTTPS
ASP.NET Detailed ErrA detailed ASP.NET erVulnerable [; expires=<date>][;
level Web.config espot.com'
is...
"Secure"
URLScan flag to the service
domain=<domain_na HTTP
Debugrequest mode tocode
response
'ARRAffinitySameSit
cookie. For example:
(http://msdn2.micros
me>] [; https://recon.truespot
was
URL: expected
an server 200
e=1731dac2d6ff064c
enabled:
path=<some_path>] .com/exchange/logo
oft.com/en-us/library/ 1: text/html
9a5bde69317aa7c4d
returned debug
*df981bbc7c75c5250
Running HTTPS
Missing HttpOnly Fla HttpOnly is an additio Vulnerable aa302368.aspx)
[; secure][; HttpOnly] tool n.aspresponse
spot.com/ to DEBUG
service
HTTP request
Use HTTP
Set-Cookie:
to harden IIS X-Frame- HTTP header
6c583bd988fa88;
command for tocode
response
Options
<name>=<value>[;
servers. URLScan https://lm360.truespo
was an httponly;
expected
'Content-Type'
path=/;
https://dealerapi.true 200
was
blocks the DEBUG t.com/exchange/defa
<Max-Age>=<age>] 1: text/html
present and matched
domain=dealerapi.tru
spot.com/<script>xss
*expectation
Running HTTPS
ASP.NET debug featuThe ASP.NET applicati
Vulnerable [; expires=<date>][;
verb by default. ult.asp
espot.com'
</script>.aspx
Use
Send HTTP
the X-Frame-
HTTP service
HTTP
HTTP request
header tocode
response
domain=<domain_na
Options
response
me>] [; headers https://lm360.truespo
was
URL:anheaderexpected
'Content-Type'
HTTP 200
was
with X-Frame- t.com/exchange/logo
1: text/html
present and
'Content-Security-
path=<some_path>] https://dealerapi.true matched
*expectation
Running HTTPS
Missing Secure Flag The Secure attribute tVulnerable Options
[; secure][; instruct n.asp
thatHttpOnly] Policy'
spot.com/ not present
Use
Send HTTP
the HTTPX-Frame- service
HTTP
HTTP request
header tocode
response
the browser to
Options
response headers
restrict framing https://betaadmin.tru
was anheader
expected
'Content-Type'
HTTP 200
was
'X-
with
where X-Frame-
it is not espot.com/exchange
1: text/html
present and matched
'Content-Security-
Frame-Options' not
Click Jacking Clickjacking, also know
Vulnerable allowed. that instruct /logon.asp
Options expectation
Policy'
presentnot present
Use
Send
the HTTP
the HTTP
browser X-Frame-
to HTTP
HTTP request
header tocode
response
Options
response headers
restrict framing https://betaadmin.tru
was
HTTP an expected
'Content-Type'
header 200
was
'X-
with
where X-Frame-
it is not espot.com/exchange
1: text/html
present and matched
'Content-Security-
Frame-Options' not
Vulnerable allowed. that instruct /default.asp
Options expectation
Policy'
presentnot present
Use
Send
the HTTP
the HTTP
browser X-Frame-
to HTTP response
header code
Options
response headers
restrict framing was
HTTP anheader
expected
'Content-Type' 200
was
'X-
with
where X-Frame-
it is not 1: text/html
present and matched
'Content-Security-
Frame-Options' not
Vulnerable allowed. that instruct expectation
Options Policy'
presentnot present
Use
Send
the HTTP
the HTTP
browser X-Frame-
to HTTP header
Options
response headers
restrict framing 'Content-Type'
HTTP header 'X- was
with
where X-Frame-
it is not present and matched
'Content-Security-
Frame-Options' not
Vulnerable allowed. that instruct expectation
Options Policy'
presentnot present
Send
the the HTTP
browser to
response headers
restrict framing HTTP header 'X-
with
where X-Frame-
it is not 'Content-Security-
Frame-Options' not
Vulnerable Options
allowed. that instruct Policy' presentnot present
the browser to
where it is not Frame-Options' not
Vulnerable allowed. present
present and matched
*ogon.asp
expectation Running HTTPS
Use
SendHTTP X-Frame-
the HTTP service
HTTP
HTTP request header tocode
response
Options
response headers https://valuecalc.true
was
'Content-Type'
HTTP anheader
expected 200
was
with X-Frame- spot.com/exchange/
1:
present text/html
'Content-Security- and matched
*default.asp
Options that instruct Policy' not present
Use
SendHTTP X-Frame-
the HTTP service
HTTP
response
the browser to
Options
response headers
restrict framing https://admin.truespo
was
'Content-Type'
HTTP header an expected 200
was
'X-
with
whereX-Frame-
it is not t.com/exchange/defa
1:
present text/html
'Content-Security-
Frame-Options' not and matched
Vulnerable Options
allowed. that instruct ult.asp
expectation
Policy'
present not present
Use
SendHTTP X-Frame-
the HTTP *HTTP
HTTP Running HTTPS
request
response
header tocode
the browser to
Options
response headers service
was
'Content-Type'
HTTP header 'X- an expected 200
was
restrict framing
with
whereX-Frame-
it is not t.com/exchange/logo
1:
present text/html
'Content-Security-
Frame-Options' and matched
not
*n.asp
Vulnerable Options
allowed. that instruct Policy'
present not present
Use
SendHTTP X-Frame-
the HTTP service
HTTP response header code
the browser to
Options
response headers
restrict framing HTTP
was
'Content-Type'
HTTP request
anheader to
expected 200
was
'X-
with
whereX-Frame-
it is not https://admin.truespo
1:
present text/html
'Content-Security-
not
*expectationRunning HTTPS
t.com/login.jsp
Vulnerable Options
present not present
Use
SendHTTP X-Frame-
the HTTP service
HTTP
response
the browser to
Options
response headers
restrict framing https://betaadminapi.
was
'Content-Type'
HTTP anheader
expected 200
was
'X-
with
whereX-Frame-
it is not truespot.com/
1:
present text/html
'Content-Security-
Frame-Options' not and matched
Vulnerable Options
allowed. that instruct HTTP
presentresponse
expectation
Policy' code
not present
Use
Send
the HTTP X-Frame-
the HTTP
browser to HTTP
was
HTTP anrequest
header to 200
expected
Options
response headers
restrict framing https://betaadminapi.
1:
HTTP text/html;
'Content-Type' header 'X-was
with
whereX-Frame-
it is not truespot.com/home/
charset=utf-8
present
'Content-Security- and matched
*Frame-Options'
HTTP Running
expectation HTTPS
response
not
code
Vulnerable Options
present not present
Use
SendHTTP X-Frame-
the HTTP service
was
HTTP header an expected 200
the browser to
Options
response headers
restrict framing 1:
HTTP text/html;
'Content-Type' header 'X-was
with
whereX-Frame-
it is not charset=utf-8
present
'Content-Security-
not
*expectation
Running HTTPS
Vulnerable Options
present not present
Use
SendHTTP X-Frame-
the HTTP service
HTTP
HTTP request header to
the browser to
Options
response headers
restrict framing https://zz-env-dev-
'Content-Type'
HTTP header 'X-was
with
whereX-Frame-
it is not recon.truespot.com/l
present and matched
'Content-Security-
Frame-Options' not
*expectation
ogin.jspRunning HTTPS
Vulnerable Options
present not present
Send the HTTP service
HTTP request response tocode
the browser to *https://zz-env-dev-
Running HTTPS200
response headers
HTTP anheader
expected
'X-
service
recon.truespot.com/e
1: text/html
with
whereX-Frame-
Frame-Options' not
Vulnerable < 1.11.1 that instruct
Options
allowed. xchange/default.asp
Policy'
presentnot present
Use HTTP X-Frame-
the browser to HTTP
HTTP responserequest to
header code
Options
Upgrade to jQuery
restrict framing https://zz-env-dev-
was
*HTTP anheader
'Content-Type'
Running expected
HTTPS 200
was
'X-
*1:
HTTP Running HTTPS
request
recon.truespot.com/e
text/html
present and to
matched
version
where it1.11.1
is not service
Frame-Options' not
service
xchange/logon.asp
expectation
Use
SendHTTP
Download X-Frame-
the HTTP
and apply c-
HTTP response code
headerversion
*Running
Vulnerable
Options *web.azurewebsites.n
was an HTTPS
expected
'Content-Type' 200
was
response
the upgrade headers
from: HTTP
of header
component jQuery
service
et/exchange/logon.a
1: text/html
present
with X-Frame-
https://jquery.com/do -- and matched
'Content-Security-
found jQuery
Options HTTP
sp request to
expectation
jQuery Vulnerability: jQuery 1.4.2 allows reVulnerable Version wnload/ that instruct Policy'
1.10.2 not present
Use
Send
the HTTP
browser X-Frame-
the HTTPto https://lotmgmt-d-us-
HTTP response
header code
Options
response headers
restrict framing c-
was anheader
expected
'Content-Type'
HTTP 200
was
'X-
*HTTP
Running HTTPS
request to
web.azurewebsites.n
1: text/html
present and matched
with
whereX-Frame-
Frame-Options' not
service
et/login.jsp
expectation
Vulnerable Options
presentnot present
Use
Send
the HTTP
browser X-Frame-
the HTTPto c-
HTTP response
header code
Options
response headers
restrict framing web.azurewebsites.n
was anheader
expected
'Content-Type'
HTTP 200
was
'X-
with
whereX-Frame-
it is not et/exchange/default.
1: text/html
present and matched
'Content-Security-
Frame-Options' not
*expectation
Running
HTTP
asp HTTPS
request to
Vulnerable Options
present not present
Use
SendHTTP X-Frame-
the HTTP service
https://zz-dev-
HTTP response
header code
the browser to
Options
response headers
restrict framing dealer.truespot.com/
was anheader
expected
'Content-Type'
HTTP 200
was
'X-
with
whereX-Frame-
it is not exchange/default.as
1: text/html
present and matched
'Content-Security-
Frame-Options' not
Vulnerable Options
allowed. that instruct p
expectation
Policy'
presentnot present
Use
Send
the HTTP
browser X-Frame-
the HTTPto HTTP
HTTP request
header tocode
response
Options
response headers
restrict framing https://zz-dev-
was anheader
expected
'Content-Type'
HTTP 200
was
'X-
with
whereX-Frame-
it is not dealer.truespot.com/
1: text/html
present and matched
'Content-Security-
Frame-Options' not
Vulnerable Options
allowed. that instruct exchange/logon.asp
expectation
Policy'
presentnot present
Use
Send
the HTTP X-Frame-
the HTTP
browser to HTTP response
header code
Options
response headers
HTTP anheader
expected
'Content-Type' 200
was
'X-
with
whereX-Frame-
it is not 1: text/html
present and matched
'Content-Security-
Frame-Options' not
Vulnerable Options
allowed. that instruct expectation
Policy'
presentnot present
Use
Send
the HTTP X-Frame-
the HTTP
browser to HTTP header
Options
response headers
restrict framing 'Content-Type'
HTTP header 'X- was
with
whereX-Frame-
it is not present and matched
'Content-Security-
Frame-Options' not
Vulnerable Options
allowed. that instruct expectation
Policy'
presentnot present
Send
the the HTTP
browser to
response headers
with
whereX-Frame-
Frame-Options' not
Vulnerable Options
presentnot present
the browser to
where it is not Frame-Options' not
article
disabling 245030
static present and matched
recommended
configuration
and Safari
configuration.
apply the is key p *
7. SSLv2,
ECDHE-RSA-
cipher suites.
configuration expectation
compatible
SSLv3, and with
TLSv1 TLS_DHE_RSA_WI
Instead,
Refer
Use
Send to
HTTP
recommended
the
AES128-GCM- use
your
HTTP
oft.com/kb/245030/) cipher HTTP
TLSv1.1
server
X-Frame- HTTP request header tocode
response
provides
Firefox
protocols
and
vendor 27,
TLSv1.2 a higher
Chrome
are not TH_AES_256_CBC_
https://devmoloadmi
was an expected 200
Options
configuration:
response
SHA256:ECDHE-
for
The headers
instructions
following onThis 'Content-Type'
HTTP header was
level
22, IEof11,
recommended
protocols. security.
documentation Opera in
to 14
this SHA
n.azurewebsites.net/
1: text/html
with X-Frame- present and matched
ECDSA-AES128-
disabling
recommended
configuration
and Safari
configuration. static is key 'Content-Security-
7. SSLv2,
apply
GCM-
cipher the
ECDHE-RSA-
Options thatwith
suites.
configuration
compatible instruct exchange/logon.asp
expectation
Policy' not present
SSLv3,
Instead,
Refer
Use to and
use
theyour
HTTP
recommended
Send TLSv1
TLSv1.1
cipher HTTP
server
X-Frame-
HTTP * response
header code
AES128-GCM-
the browser
SHA256:ECDHE-
provides a to
higher
Firefox
Disable
protocols
and
vendor 27,
TLSv1.2
Options
configuration: Chrome
SSLv2,
are not TLS_DHE_RSA_WI
was
'Content-Type' anheader
expected 200
was
response
SHA256:ECDHE-
restrict
RSA-AES256-GCM-
The
level following
of11, headers
framing
security. This HTTP 'X-
22, IE
SSLv3,
recommended
protocols. and
documentation Opera
TLS in
to 14
1.0.
this TH_CAMELLIA_128
1:
present text/html
and matched
with X-Frame-
ECDSA-AES128-
where it is not
SHA384:ECDHE-
recommended
configuration 'Content-Security-
is is *Frame-Options' not
and
The Safari
best
configuration.
apply thethat 7. SSLv2,
solution _CBC_SHA Running HTTPS
expectation
Vulnerable ECDHE-RSA-
Options
GCM-
allowed.
ECDSA-AES256-
configuration instruct Policy'
present not present
compatible
SSLv3,
to only
Instead,
Refer to and
haveuse with
TLSv1
TLS
TLSv1.11.2 service
Use theyour
HTTP
recommended
Send
AES128-GCM-
the browser
SHA256:ECDHE-
GCM-SHA384:DHE-
provides HTTP
aare toserver
X-Frame-
higher
cipher HTTP header
Firefox
protocols
enabled
and
vendor 27,
TLSv1.2
Options
not 'Content-Type'* header 'X- was
response
SHA256:ECDHE-
restrict headers
framing
RSA-AES256-GCM-
RSA-AES128-GCM-
level HTTP
22, IEof11,
recommended
protocols. security.
documentation Opera in
toThis
14
this TLS_DHE_RSA_WI
present and matched
with X-Frame-
ECDSA-AES128-
where it
SHA384:ECDHE-is
SHA256:DHE-DSS-
configuration not is 'Content-Security-
Frame-Options'
**TH_CAMELLIA_256 not
and Safari
configuration.
Disable
apply 7. SSLv2,
theinsecure Running HTTPS
expectation
Vulnerable ECDHE-RSA-
Options
GCM-
allowed.
ECDSA-AES256-
AES128-GCM- that instruct Policy'
present not present
Negotiated with
compatible
SSLv3,
Instead,
There
Refer
TLS/SSL toisand
recommended use
no
yourwith
TLSv1cipher service
TLSv1.1
server-
server
protocol HTTP
_CBC_SHA request to
Send the
AES128-GCM-
the browser
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES HTTPto the following
Firefox
protocols
and
side
vendor 27,are
TLSv1.2
mitigation
support
not https://dealerapi.true
response
SHA256:ECDHE-
restrict headers
framing
RSA-AES256-GCM-
RSA-AES128-GCM-
GCM:ECDHE-RSA- HTTP header 'X-
22, IE 11,against
recommended
protocols.
available
documentation
with X-Frame-
ECDSA-AES128-
Opera this insecure
to14
in the spot.com/ *
'Content-Security-
cipher
where it
SHA384:ECDHE-is
SHA256:DHE-DSS-
AES128- not Frame-Options'
* not
Vulnerable
and
BEAST
apply Safari
configuration.
the
ECDHE-RSA-
Options
GCM-
allowed. attack.
ECDSA-AES256- The suites:
7. SSLv2,
that instruct HTTP
TLS_DHE_RSA_WI
Policy'
present response
not presentcode
AES128-GCM-
SHA256:ECDHE-
SSLv3,
Instead, and
use TLSv1
TLSv1.1 HTTP
was * Negotiated
TLS
an 1.2
request
expected with
ciphers:
to 200
Refer
only to
option
recommended
Configure
AES128-GCM-
the your
browser to
SHA256:ECDHE-
GCM-SHA384:DHE- is
the server
tocipher
server TH_SEED_CBC_SH
SHA256:kEDH+AES
ECDSA-AES128-
protocols
and TLSv1.2 are not to the following
*
1: text/html;
vendor
disable the
configuration:
to require
SHA256:ECDHE-
restrict
RSA-AES256-GCM-
RSA-AES128-GCM- affected
clients
framing A
HTTP header 'X-
GCM:ECDHE-RSA-
SHA256:ECDHE-
recommended
protocols. in this insecure
TLS_RSA_WITH_AE
spot.com/home/ cipher
documentation
protocols
use
where TLS
SHA384:ECDHE-
SHA256:DHE-DSS-
AES128-
RSA-AES128- not to1.2 charset=utf-8
(SSLv3
it isversion
ECDSA-AES128- Frame-Options'
*suites:
S_128_CBC_SHA not
configuration.
apply
and the
TLS
ECDHE-RSA-
using
GCM- 1.0). The
Authenticated HTTP * response code
Vulnerable allowed.
ECDSA-AES256-
AES128-GCM-
SHA256:ECDHE-
SHA:ECDHE- present * Negotiated
TLS 1.2 with
ciphers:
Instead,
Refer
Use
only to
HTTP
recommended
fully
AES128-GCM- use
your
Encryption with
SHA256:ECDHE- TLSv1.1
server
X-Frame-
safe cipher was
HTTP an
TLS_ECDHE_RSA_ expected
header 200
GCM-SHA384:DHE-
SHA256:kEDH+AES
ECDSA-AES128- the following
*
and
vendorTLSv1.2Data
Options
configuration:
configuration
SHA256:ECDHE-
Associated
RSA-AES256-GCM- is to 1: text/html;
'Content-Type'
WITH_AES_128_CB was
RSA-AES128-GCM-
GCM:ECDHE-RSA-
SHA256:ECDHE-
SHA:ECDHE-RSA- insecure
TLS_RSA_WITH_AE cipher
protocols.
documentation
use capableto
Authenticated
ECDSA-AES128-
(AEAD)
SHA384:ECDHE- charset=utf-8
present
C_SHA and matched
SHA256:DHE-DSS-
AES128-
RSA-AES128-
AES256- *suites:
S_128_CBC_SHA
S_128_CBC_SHA25
TLS Server Supports The PCI (Payment Card
Vulnerable apply
ciphers.the
ECDHE-RSA-
Encryption
GCM-
ECDSA-AES256-
AES128-GCM- with expectation
Successfully connected over TLSv1.0
SHA256:ECDHE-
SHA:ECDHE-
SHA384:ECDHE- * Negotiated
TLS with
1.2 ciphers:
Refer
Use to
theyour
HTTP
recommended
Send
AES128-GCM-
Associated
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES HTTP
Data cipher 6
server
X-Frame- HTTP
the ** header
following
ECDSA-AES128-
ECDSA-AES256-
vendor
Options
configuration:
response
SHA256:ECDHE-
(AEAD), headers
e.g.
RSA-AES256-GCM-
RSA-AES128-GCM-
GCM:ECDHE-RSA-
SHA256:ECDHE- AES- 'Content-Type'
HTTP header
TLS_ECDHE_RSA_
insecure cipher
was
SHA:ECDHE-RSA-
SHA384:ECDHE-
documentation
with X-Frame- to TLS_RSA_WITH_AE
present * and
'Content-Security- matched
ECDSA-AES128-
GCM, AES-CCM
SHA384:ECDHE-
SHA256:DHE-DSS-
AES128-
RSA-AES128- in WITH_AES_256_CB
*suites:
AES256-
apply thethat instruct S_128_CBC_SHA
RSA-AES256-
ECDHE-RSA-
Options S_128_CBC_SHA25
TLS_RSA_WITH_AE
expectation
Policy'
TLS/SSL Server is enThe SSL protocol, as uVulnerable GCM-
TLS 1.2.
ECDSA-AES256-
AES128-GCM-
SHA256:ECDHE-
SHA:ECDHE-
SHA384:ECDHE-
SHA:ECDHE-
Disable any MD5 or
C_SHA
*6 TLSnot
S_128_GCM_SHA2
Running
present
* Negotiated
1.2 with
ciphers:
SSH
recommended
Send the
AES128-GCM-
the browser
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES HTTPto cipher the following
ECDSA-AES128-
ECDSA-AES256-
96-bit HMAC 56
service *
configuration:
response
SHA256:ECDHE-
restrict headers
framing
RSA-AES256-GCM-
RSA-AES128-GCM-
GCM:ECDHE-RSA- HTTP
insecure header
cipher'X-
SHA256:ECDHE-
SHA:ECDHE-RSA-
SHA384:ECDHE-
SHA:DHE-RSA-
algorithms within the TLS_RSA_WITH_AE *
with X-Frame-
ECDSA-AES128-
where it
SHA384:ECDHE-is
SHA256:DHE-DSS-
AES128- not 'Content-Security-
Frame-Options'
*
suites: not
RSA-AES128-
AES256- S_128_CBC_SHA
Vulnerable RSA-AES256-
AES128-
SSH
allowed.
ECDSA-AES256-
AES128-GCM-
SHA256:ECDHE-that instruct S_128_CBC_SHA25
configuration
ECDHE-RSA-
Options
GCM- TLS_RSA_WITH_AE
present
*
* not present
* Insecure
Policy'Negotiated
TLS 1.2
MAC with
ciphers:
SHA:ECDHE-
SHA384:ECDHE-
SHA:ECDHE-
SHA256:DHE-RSA- 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
algorithms in use:
AES128-GCM-
the browser to
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES
*
ECDSA-AES256-
AES128-SHA:DHE-
Consult
SHA256:ECDHE-
restrict the
framing product 56
S_256_CBC_SHA
umac-64-
HTTP header 'X-
RSA-AES256-GCM-
RSA-AES128-GCM-
GCM:ECDHE-RSA-
SHA256:ECDHE-
SHA:ECDHE-RSA- insecure cipher
TLS_RSA_WITH_AE
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
documentation
ECDSA-AES128-
where it is not for *
etm@openssh.com,h
Frame-Options' not
SHA384:ECDHE-
SHA256:DHE-DSS-
AES128-
RSA-AES128-
AES256- *
suites:
S_128_CBC_SHA
S_128_CBC_SHA25
Vulnerable RSA-AES256-
AES128-
SHA256:DHE-RSA-
instructions
GCM-
allowed. to TLS_RSA_WITH_AE
mac-sha1-
present *
ECDSA-AES256-
AES128-GCM-
SHA256:ECDHE-
SHA:ECDHE-
SHA384:ECDHE- 6 * Negotiated
TLS 1.2 with
ciphers:
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
disable
SHA256:ECDHE- S_128_GCM_SHA2
any insecure TLS_RSA_WITH_AE
etm@openssh.com,u
GCM-SHA384:DHE-
SHA256:kEDH+AES
*
ECDSA-AES256-
AES128-SHA:DHE-
SHA256:DHE-DSS-
MD5 or 96-bit
RSA-AES256-GCM- HMAC 56
S_256_CBC_SHA
S_256_CBC_SHA25
mac-
RSA-AES128-GCM-
GCM:ECDHE-RSA-
SHA256:ECDHE-
SHA:ECDHE-RSA-
SHA384:ECDHE- insecure cipher
TLS_RSA_WITH_AE
*
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE-
algorithms
SHA384:ECDHE- within the 6 64@openssh.com,h
SHA256:DHE-DSS-
AES128-
RSA-AES128-
AES256-
RSA-AES256- *S_128_CBC_SHA25
suites:
S_128_CBC_SHA
TLS_RSA_WITH_AE
SSH Weak Message Au
The SSH server suppoVulnerable Version AES128-
SHA256:DHE-RSA-
RSA-AES256-SHA:!
SSH configuration. mac-sha1
ECDSA-AES256- *
AES128-GCM-
SHA256:ECDHE-
SHA:ECDHE-
SHA384:ECDHE-
SHA:ECDHE- 6 * Negotiated
S_128_GCM_SHA2 with
TLS 1.2 ciphers:
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:!
GCM-SHA384:DHE- TLS_RSA_WITH_AE
*
SHA256:kEDH+AES
ECDSA-AES128-
ECDSA-AES256- the
56 following
*
AES128-SHA:DHE-
SHA256:DHE-DSS-
EXPORT:!DES:!
RSA-AES128-GCM- S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
GCM:ECDHE-RSA-
SHA256:ECDHE-
SHA:ECDHE-RSA-
SHA384:ECDHE-
SHA:DHE-RSA- insecure cipher
TLS_RSA_WITH_AE
*
DSS-AES128-
AES256-SHA:DHE-
RC4:!3DES:!MD5:!
SHA256:DHE-DSS- 6
S_256_GCM_SHA3
*
AES128-
RSA-AES128-
AES256-
RSA-AES256-
AES128- suites:
S_128_CBC_SHA
S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
TLS/SSL Server Suppo
The server is configurVulnerable SHA256:DHE-RSA-
RSA-AES256-SHA:!
PSK
AES128-GCM- 84* Negotiated with
SHA256:ECDHE-
SHA:ECDHE-
SHA384:ECDHE-
SHA:ECDHE-
SHA256:DHE-RSA- 6 TLS 1.2 ciphers:
S_128_GCM_SHA2
TLS_RSA_WITH_AE
AES256-
aNULL:!eNULL:!
SHA256:kEDH+AES the *
following
ECDSA-AES128-
ECDSA-AES256-
AES128-SHA:DHE-
SHA256:DHE-DSS- 56 *
S_256_CBC_SHA
S_256_CBC_SHA25
EXPORT:!DES:!
GCM:ECDHE-RSA-
SHA256:ECDHE- TLS_RSA_WITH_AE
insecure cipher
TLS_RSA_WITH_AE
SHA:ECDHE-RSA-
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE- 6 *
RC4:!3DES:!MD5:!
AES128-
RSA-AES128- S_256_GCM_SHA3
suites:
S_128_CBC_SHA
AES256-
RSA-AES256-
AES128-
SHA256:DHE-RSA-
RSA-AES256-SHA:! S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
The server is configurVulnerable PSK
SHA256:ECDHE-
SHA:ECDHE- 84* TLS 1.2 ciphers:
SHA384:ECDHE-
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:! 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
ECDSA-AES128-
ECDSA-AES256-
AES128-SHA:DHE-
S_256_CBC_SHA
S_256_CBC_SHA25
EXPORT:!DES:!
SHA256:ECDHE- TLS_RSA_WITH_AE
SHA:ECDHE-RSA-
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE- TLS_RSA_WITH_AE
6 *
RC4:!3DES:!MD5:!
RSA-AES128- S_256_GCM_SHA3
S_128_CBC_SHA
AES256-
RSA-AES256-
AES128-
SHA256:DHE-RSA-
RSA-AES256-SHA:! S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
SHA:ECDHE- 84
SHA384:ECDHE-
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:! 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
ECDSA-AES128-
ECDSA-AES256-
AES128-SHA:DHE-
S_256_CBC_SHA
S_256_CBC_SHA25
EXPORT:!DES:! TLS_RSA_WITH_AE
SHA:ECDHE-RSA-
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE- TLS_RSA_WITH_AE
*
RC4:!3DES:!MD5:! 6 S_256_GCM_SHA3
AES256-
RSA-AES256-
AES128- S_128_CBC_SHA25
TLS_RSA_WITH_AE
RSA-AES256-SHA:!
PSK 84 *
SHA384:ECDHE-
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:! 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
ECDSA-AES256-
AES128-SHA:DHE-
SHA256:DHE-DSS-
EXPORT:!DES:! 56
S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE-
RC4:!3DES:!MD5:! 6 *
S_256_GCM_SHA3
The server is configurVulnerable RSA-AES256-
AES128-
SHA256:DHE-RSA-
RSA-AES256-SHA:!
PSK TLS_RSA_WITH_AE
84 *
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:! S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
ECDSA-AES256-
AES128-SHA:DHE-
SHA256:DHE-DSS-
EXPORT:!DES:! 56
S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE-
The server is configurVulnerable AES128-
SHA256:DHE-RSA-
RSA-AES256-SHA:!
PSK 84 *
SHA256:DHE-RSA-
AES256-
aNULL:!eNULL:! TLS_RSA_WITH_AE
*
AES128-SHA:DHE-
SHA256:DHE-DSS-
EXPORT:!DES:! S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
DSS-AES128-
AES256-SHA:DHE-
RSA-AES256-SHA:!
PSK 84 *
AES256-
*
SHA256:DHE-DSS-
EXPORT:!DES:! S_256_CBC_SHA25
TLS_RSA_WITH_AE
AES256-SHA:DHE-
The server is configurVulnerable RSA-AES256-SHA:!
PSK 84
aNULL:!eNULL:! *
RC4:!3DES:!MD5:! S_256_GCM_SHA3
The server is configurVulnerable PSK 84
DSS-AES128-
ECDSA-AES128-
article
SHA384:ECDHE-
web 245030
server,
SHA256:DHE-DSS- allowing *suites:
AES128-
AES256- Disable
RSA-AES128-
following HTTP S_128_CBC_SHA
S_128_CBC_SHA25
RSA-AES256-
AES128-
apply the in
<Limit
SHA256:DHE-RSA-
ECDHE-RSA-
GCM-
ECDSA-AES256-
attackers
AES128-GCM- to
the
narrow
TLS_RSA_WITH_AE
*
SHA256:ECDHE-
OPTIONS
SHA:ECDHE-
Disable
SHA384:ECDHE-
Apache
SHA:ECDHE-
OPTIONS>
SHA256:DHE-RSA- Method
the
Order 6 * Negotiated
S_128_GCM_SHA2
TLS_RSA_WITH_AE
with
TLS 1.2 ciphers:
recommended
AES256-
AES128-GCM-
SHA256:ECDHE-
oft.com/kb/245030/)
GCM-SHA384:DHE-
and intensify
SHA256:kEDH+AES cipher
their the following
ECDSA-AES128-
for
OPTIONSApache
ECDSA-AES256-
configuration:
deny,allow
AES128-SHA:DHE- method
Deny by 56 *
S_256_CBC_SHA
configuration:
SHA256:DHE-DSS-
SHA256:ECDHE-
RSA-AES256-GCM-
for instructions
RSA-AES128-GCM-
efforts.
GCM:ECDHE-RSA- on S_256_CBC_SHA25
insecure cipher
* Apache
SHA256:ECDHE-
SHA:ECDHE-RSA-
including
SHA384:ECDHE- HTTPD
the TLS_RSA_WITH_AE
SHA:DHE-RSA-
from
DSS-AES128-
disabling all </Limit>
AES256-SHA:DHE-
ECDSA-AES128-
SHA384:ECDHE-
SHA256:DHE-DSS-
AES128- Disable static
HTTP key 6 *
*suites:
RSA-AES128-
AES256-
following
RSA-AES256-
AES128- <Limit
SHA256:DHE-RSA- in the S_128_CBC_SHA
S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
ECDHE-RSA-
RSA-AES256-SHA:!
GCM-
ECDSA-AES256-
cipher
AES128-GCM-
SHA256:ECDHE-suites. * Negotiated with
TLS 1.2 ciphers:
OPTIONS
SHA:ECDHE-
Apache Disable
SHA384:ECDHE-
SHA:ECDHE-
OPTIONS>
SHA256:DHE-RSA- Method
the
Order 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
AES256-
AES128-GCM-
aNULL:!eNULL:!
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES the *
following
ECDSA-AES128-
for
OPTIONSApache
ECDSA-AES256-
configuration:
deny,allow
Deny by 56 *
S_256_CBC_SHA
SHA256:DHE-DSS-
SHA256:ECDHE-
EXPORT:!DES:!
RSA-AES256-GCM-
RSA-AES128-GCM-
The
* Apache following
GCM:ECDHE-RSA- HTTPD S_256_CBC_SHA25
TLS_RSA_WITH_AE
insecure cipher
SHA256:ECDHE-
SHA:ECDHE-RSA-
including
SHA384:ECDHE-
SHA:DHE-RSA-
from
DSS-AES128- the
all </Limit> TLS_RSA_WITH_AE
*
* Microsoft
AES256-SHA:DHE-
ECDSA-AES128-
RC4:!3DES:!MD5:!
SHA384:ECDHE-
SHA256:DHE-DSS-
recommended
AES128- IIS 6
S_256_GCM_SHA3
*suites:
AES256- Disable
RSA-AES128-
following
RSA-AES256-
AES128- <Limit in HTTP
the S_128_CBC_SHA
S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
GCM-
PSK Disable HTTP
RSA-AES256-SHA:!
ECDSA-AES256-
AES128-GCM-
configuration 84* Negotiated with
SHA256:ECDHE-
OPTIONS
Apache DisableMethod
SHA:ECDHE-
SHA384:ECDHE-
SHA:ECDHE-
OPTIONS>
SHA256:DHE-RSA- the
Order 6 TLS 1.2 ciphers:
S_128_GCM_SHA2
TLS_RSA_WITH_AE
AES256-
OPTIONS
aNULL:!eNULL:!
SHA256:ECDHE-
GCM-SHA384:DHE-
SHA256:kEDH+AES
provides a Method
higher the *
following
for
OPTIONSApache
ECDSA-AES128-
ECDSA-AES256-
configuration:
deny,allow
Deny by 56 *
S_256_CBC_SHA
SHA256:DHE-DSS-
for IISof security.
EXPORT:!DES:!
RSA-AES256-GCM-
RSA-AES128-GCM-
GCM:ECDHE-RSA- S_256_CBC_SHA25
TLS_RSA_WITH_AE
level
SHA256:ECDHE-
SHA:ECDHE-RSA-
including
SHA384:ECDHE-
SHA:DHE-RSA-
from
DSS-AES128-
* all
Microsoft
AES256-SHA:DHE- theIIS This insecure
</Limit> 6
cipher
TLS_RSA_WITH_AE
*
RC4:!3DES:!MD5:!
SHA384:ECDHE-
SHA256:DHE-DSS-
AES128-
configuration
RSA-AES128- is S_256_GCM_SHA3
*
suites:
S_128_CBC_SHA
AES256-
following
AES128- <Limitin the
RSA-AES256-
SHA256:DHE-RSA-
Disable
RSA-AES256-SHA:! HTTP S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
ECDSA-AES256-
AES128-GCM-
SHA256:ECDHE-
compatible
SHA:ECDHE-
DisableMethod with
the 84* Negotiated with
TLS 1.2 ciphers:
SHA384:ECDHE-
Apache
SHA:ECDHE-
OPTIONS>
SHA256:DHE-RSA-
AES256-
OPTIONS
aNULL:!eNULL:! Order 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
Firefox Disable
GCM-SHA384:DHE-
SHA256:kEDH+AES
ECDSA-AES128- 27, the
Chrome the following
*
OPTIONS
ECDSA-AES256-
configuration:
deny,allow
AES128-SHA:DHE-
SHA256:DHE-DSS-
for IIS method
Deny by 56by S_256_CBC_SHA
S_256_CBC_SHA25
EXPORT:!DES:!
OPTIONS
RSA-AES128-GCM-
GCM:ECDHE-RSA-
SHA256:ECDHE-
22, IEall11, method
Opera 14 TLS_RSA_WITH_AE
insecure cipher
TLS_RSA_WITH_AE
SHA:ECDHE-RSA-
including
SHA384:ECDHE-
SHA:DHE-RSA-
from
DSS-AES128-
* Microsoft
AES256-SHA:DHE- the
</Limit>
IIS *
RC4:!3DES:!MD5:!
doing
and
AES256-
following
the
SHA256:DHE-DSS-
AES128-
RSA-AES128-
Safari
RSA-AES256-
following
in 7. SSLv2,
the
in *6
S_256_GCM_SHA3
suites:
S_128_CBC_SHA
S_128_CBC_SHA25
TLS_RSA_WITH_AE
The server is configurVulnerable AES128- <Limit
SHA256:DHE-RSA-
Disable
RSA-AES256-SHA:!
PSK HTTP *
the IIS
AES128-GCM-
SHA256:ECDHE-
SHA:ECDHE-
SSLv3,
SHA384:ECDHE-
Apache
SHA:ECDHE-
OPTIONS>
manager
SHA256:DHE-RSA-
AES256-
OPTIONS TLSv1 84
andMethod
Order 6 * Negotiated
S_128_GCM_SHA2
TLS_RSA_WITH_AE
with
TLS 1.2 ciphers:
aNULL:!eNULL:!
Disable
SHA256:kEDH+AES the the *
following
ECDSA-AES128-
protocols
ECDSA-AES256-
configuration:
deny,allow
AES128-SHA:DHE-
SHA256:DHE-DSS- are not 56
Deny by S_256_CBC_SHA *
S_256_CBC_SHA25
for *IIS
EXPORT:!DES:!
OPTIONS Select method
GCM:ECDHE-RSA-
SHA256:ECDHE- relevent TLS_RSA_WITH_AE
insecure cipher
TLS_RSA_WITH_AE
SHA:ECDHE-RSA-
recommended
SHA384:ECDHE-
SHA:DHE-RSA-
from
DSS-AES128-all
* Microsoft
AES256-SHA:DHE- IIS in this
</Limit> 6 *
RC4:!3DES:!MD5:!
doing
site
AES128-
RSA-AES128- the following in S_256_GCM_SHA3
suites:
S_128_CBC_SHA
AES256-
configuration.
RSA-AES256-
AES128- <Limit
SHA256:DHE-RSA-
Disable
RSA-AES256-SHA:! HTTP S_128_CBC_SHA25
TLS_RSA_WITH_AE
*
the IIS manager
SHA256:ECDHE-
SHA:ECDHE- 84* TLS 1.2 ciphers:
SHA384:ECDHE-
Instead,
SHA:ECDHE-
OPTIONS>
SHA256:DHE-RSA-
AES256-
OPTIONS
aNULL:!eNULL:! use TLSv1.1 6
Order
Method S_128_GCM_SHA2
TLS_RSA_WITH_AE
* Disable
Select
ECDSA-AES128-
ECDSA-AES256-
and TLSv1.2
deny,allow
AES128-SHA:DHE-
the
Request
Deny by 56 **
S_256_CBC_SHA
SHA256:DHE-DSS-
for
OPTIONS
* IIS
EXPORT:!DES:!
filteringSelect and method
relevent
change S_256_CBC_SHA25
TLS_RSA_WITH_AE
SHA256:ECDHE-
SHA:ECDHE-RSA-
SHA384:ECDHE-
protocols.
SHA:DHE-RSA-
from
DSS-AES128-all </Limit> TLS_RSA_WITH_AE
*
* Microsoft
AES256-SHA:DHE-
RC4:!3DES:!MD5:!
doing
site
to HTTP the IIStab in 6
following
verb S_256_GCM_SHA3
RSA-AES128-
AES256-
RSA-AES256-
AES128- S_128_CBC_SHA
S_128_CBC_SHA25
TLS_RSA_WITH_AE
PSK
the Disable
RSA-AES256-SHA:!
IIS manager
SHA:ECDHE-
HTTP 84 *
SHA384:ECDHE-
SHA:ECDHE-
Refer to your
SHA256:DHE-RSA-
AES256-
OPTIONS
aNULL:!eNULL:! server 6
Method S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
Disable
* Select Request
ECDSA-AES128- the
Deny *
ECDSA-AES256-
vendor
AES128-SHA:DHE-
SHA256:DHE-DSS-
for IIS
EXPORT:!DES:! 56
S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
OPTIONS
Verb*
filteringSelect
from
SHA:ECDHE-RSA- and method
relevent
thechange by TLS_RSA_WITH_AE
SHA384:ECDHE-
SHA:DHE-RSA-
documentation
DSS-AES128-
* Microsoft
AES256-SHA:DHE-
RC4:!3DES:!MD5:! to in 6
IIStab *
S_256_GCM_SHA3
doing
site
to HTTP
actions
AES256- the following
verb
pane S_128_CBC_SHA25
The server is configurVulnerable RSA-AES256-
AES128-
apply the
SHA256:DHE-RSA-
Disable
RSA-AES256-SHA:!
PSKIIS manager HTTP TLS_RSA_WITH_AE
84 *
the
SHA384:ECDHE- 6
SHA:ECDHE-
SHA256:DHE-RSA-
recommended
AES256-
OPTIONS
aNULL:!eNULL:!
Disable Method
the cipher S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
** Select
Type OPTIONS
ECDSA-AES256- Request
Deny 56
AES128-SHA:DHE-
configuration:
SHA256:DHE-DSS-
for IIS
EXPORT:!DES:!
OPTIONS
* Select method
relevent by S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
filtering
Verb
into from and thechange
the provided text 6 *
SHA384:ECDHE-
SHA:DHE-RSA-
DSS-AES128-
AES256-SHA:DHE-
RC4:!3DES:!MD5:!
doing the following S_256_GCM_SHA3
site
to
box HTTP
actions and
RSA-AES256-
AES128-
SHA256:DHE-RSA-
verb
pane
press OK in TLS_RSA_WITH_AE
tab
The server is configurVulnerable ECDHE-RSA-
RSA-AES256-SHA:!
PSK
the IIS manager 84 *
SHA:ECDHE-
SHA256:DHE-RSA-
AES256-
AES128-GCM-
aNULL:!eNULL:!
Disable the S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
* Select
* Type OPTIONS
ECDSA-AES256- Request
Deny 56
AES128-SHA:DHE-
SHA256:DHE-DSS-
SHA256:ECDHE-
EXPORT:!DES:!
OPTIONS
* Select method
relevent by S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
filtering
Verb
into from
the
SHA:DHE-RSA- and thechange
provided text
DSS-AES128-
AES256-SHA:DHE-
ECDSA-AES128-
RC4:!3DES:!MD5:!
doing the following 6
S_256_GCM_SHA3
site
to
box HTTP
actions
* nginx
AES128- and verb
pane
press
nginx OK in
tab
RSA-AES256-SHA:!
GCM-
PSK
the IIS manager 84 *
AES256- Disable
SHA256:DHE-RSA-
aNULL:!eNULL:!
SHA256:ECDHE- HTTP TLS_RSA_WITH_AE
*
** Select
OPTIONS Type OPTIONSRequest
Deny
Method
AES128-SHA:DHE-
SHA256:DHE-DSS-
EXPORT:!DES:!
RSA-AES256-GCM-
* Select relevent S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
filtering
Verb
into
for from
the
nginx and thechange
provided text 6
DSS-AES128-
AES256-SHA:DHE-
RC4:!3DES:!MD5:!
SHA384:ECDHE-
site S_256_GCM_SHA3
to
* HTTP
actions
box nginxand verb tab
pane
press
nginx OK
RSA-AES256-SHA:!
PSK
ECDSA-AES256- 84 *
AES256- Disable HTTP
aNULL:!eNULL:!
GCM-SHA384:DHE-
* Disable
OPTIONS Select
Type OPTIONSRequest TLS_RSA_WITH_AE
Deny
Method
*
SHA256:DHE-DSS-
EXPORT:!DES:!
RSA-AES128-GCM- the S_256_CBC_SHA25
TLS_RSA_WITH_AE
filtering
Verb
into from
the and thechange
provided
for
OPTIONSnginx
AES256-SHA:DHE-
RC4:!3DES:!MD5:!
SHA256:DHE-DSS- methodtext by 6 S_256_GCM_SHA3
*
to
* HTTP
actions
box nginxandthe verb tab
pane
press
nginx OK
The server is configurVulnerable adding
RSA-AES256-SHA:!
PSK
AES128-GCM- following 84 Negotiated with
line Disable HTTP
to your server
aNULL:!eNULL:! *
SHA256:kEDH+AES
*
OPTIONS Select
Type Deny
OPTIONS the following
block,
EXPORT:!DES:!you Method
Disable
GCM:ECDHE-RSA-
theadd TLS_RSA_WITH_AE
can insecure cipher
Verb
into
for
OPTIONS from
the
nginx the
provided
method text
by S_256_GCM_SHA3
other HTTP
RC4:!3DES:!MD5:!
AES128- methods suites:
actions
box
* nginx
adding and pane
press
nginx OK
the following
The server is configurVulnerable to
PSK be allowed
SHA256:ECDHE- to run 84* TLS 1.2 ciphers:
line
after Disable
toPOST HTTP
your server
ECDSA-AES128-
* Disable
Type *
OPTIONS
block, youOPTIONS
Method
theadd
can
SHA256:ECDHE-
into
for
OPTIONS the
nginx provided
method text
by TLS_RSA_WITH_AE
other HTTP methods
limit_except GET S_128_CBC_SHA
RSA-AES128-
box
HTTP OPTIONS Metho
Web servers that respVulnerable POSTbeand
* nginx
adding
to press
nginx
{the
allowed
deny toOK
following
all;run
} OPTIONS method returned values including i
SHA:ECDHE-
afterDisable
line toPOST HTTP
your server
ECDSA-AES128-
OPTIONS
block, you Method
Disable theadd
can *
SHA:ECDHE-RSA-
for
OPTIONS
other nginxHTTPmethod methods by TLS_RSA_WITH_AE
limit_except GET
AES256-
* nginx
adding nginx S_128_CBC_SHA25
HTTP OPTIONS Metho
Web servers that respVulnerable to
POST {the
be allowed deny following
to run
all; } OPTIONS method returned values including i
SHA384:ECDHE-
afterDisable
line toPOST HTTP
your server 6
ECDSA-AES256-
OPTIONS
block, you Method
Disable theadd
can
SHA384:ECDHE-
for
OPTIONS
other nginxHTTPmethod
limit_except methods
GETby *
HTTP OPTIONS Metho
Web servers that respVulnerable RSA-AES256-
adding
to be the
allowed
POST { deny all; } following
to run TLS_RSA_WITH_AE
OPTIONS method returned values including i
SHA:ECDHE-
line
aftertoPOST your server S_128_GCM_SHA2
ECDSA-AES256-
block, Disable
you can theadd 56
SHA:DHE-RSA-
OPTIONS
other HTTPmethod
limit_except methods
GETby
HTTP OPTIONS Metho
Web servers that respVulnerable AES128-
adding
to
POST {the
be allowed deny following
to run
all; } OPTIONS* method returned values including i
SHA256:DHE-RSA-
line
aftertoPOST your server TLS_RSA_WITH_AE
AES128-SHA:DHE-
block, you can add S_256_CBC_SHA
DSS-AES128-
other HTTP methods
limit_except GET
HTTP OPTIONS Metho
Web servers that respVulnerable SHA256:DHE-RSA-
to
POSTbe allowed
{ deny all; to run
} OPTIONS* method returned values including i
AES256-
after POST TLS_RSA_WITH_AE
SHA256:DHE-DSS- S_256_CBC_SHA25
AES256-SHA:DHE-
limit_except GET 6
HTTP OPTIONS Metho
Web servers that respVulnerable RSA-AES256-SHA:!
POST { deny all; } OPTIONS method returned values including i
aNULL:!eNULL:! *
RC4:!3DES:!MD5:! S_256_GCM_SHA3
The server is configurVulnerable PSK 84
DSS-AES128-
Server
doing the 2012,following
Home,
site
Windows
to HTTP
Ultimate
actions
Windows
AES256-
configuration.
RSA-AES256-
AES128-
BasicVista
verb
Edition,
paneVista tab in S_128_CBC_SHA25
Edition,
TLS_RSA_WITH_AE
*
SHA256:DHE-RSA-
Microsoft
the
Home, IIS Windows
manager
Premium
Microsoft
Business
SHA384:ECDHE-
Instead,
SHA:ECDHE-
Refer to
SHA256:DHE-RSA- useWindows
Edition,
your TLSv1.1
server 6
S_128_GCM_SHA2
TLS_RSA_WITH_AE
AES256-
Vista,
Vista
*
Edition,Disable
Microsoft
Home,
Select the
Basic
Request
Microsoft N
Vista
* Type
Microsoft Enterprise
ECDSA-AES256-
and TLSv1.2 Deny
OPTIONS
Windows
vendor
AES128-SHA:DHE-
SHA256:DHE-DSS-
OPTIONS
Windows
* Select
Edition,
filtering
Windows
Verb
Edition,
into from
the and method
Vista
relevent
Microsoft
Vista
the
Microsoft
provided change by 56
text
S_256_CBC_SHA
S_256_CBC_SHA25
Vista
protocols.
SHA:DHE-RSA-Business
SHA384:ECDHE-
documentation
DSS-AES128-
AES256-SHA:DHE- N
to 6 *
doing
Home,
site
Windows
to HTTP
Ultimate
actions
Windows
box and the Basicfollowing
Vista
verb
Edition,
pane Edition,
VistaOK
press tab in
Edition,
RSA-AES256-
AES128-
apply the
SHA256:DHE-RSA-
RSA-AES256-SHA:! Microsoft TLS_RSA_WITH_AE
*
the
Home, IIS
Microsoft
Microsoft
Business manager
Windows
Premium
Windows
Edition,
Windows
SHA:ECDHE-
Refer to
SHA256:DHE-RSA-
recommended
AES256-
aNULL:!eNULL:! Vista
your server
cipher S_128_GCM_SHA2
TLS_RSA_WITH_AE
*
Vista
Edition,
Vista
Microsoft
Starter Home,
** Select
Enterprise
Type Basic N
Request
Microsoft
Deny
OPTIONS
Windows
Edition,
ECDSA-AES256-
vendor
AES128-SHA:DHE-
configuration:
SHA256:DHE-DSS-
EXPORT:!DES:! 56
S_256_CBC_SHA
S_256_CBC_SHA25
TLS_RSA_WITH_AE
* Select
Edition,
filtering
Windows
Verb
Edition,
into
Vista from
the and relevent
Microsoft
Vista
the
Microsoft
provided
Business change
N text
Microsoft
SHA:DHE-RSA-
documentation
DSS-AES128-
AES256-SHA:DHE-
RC4:!3DES:!MD5:! Windows to 6
S_256_GCM_SHA3
site
Windows
to HTTP
Ultimate
actions
Windows
box
Edition,
* nginx and paneVista
verb
Vistatab
Edition,
press
Microsoft
nginx OK
The server is configurVulnerable 7, Microsoft
AES128-
apply the
SHA256:DHE-RSA-
ECDHE-RSA-
RSA-AES256-SHA:!
PSK 84 *
Home,
Microsoft
Business
Windows Disable Premium
Windows
Edition,
Vista
HTTP
7 Home,
SHA256:DHE-RSA-
recommended
AES256-
AES128-GCM-
aNULL:!eNULL:! cipher TLS_RSA_WITH_AE
*
Vista** Type
Edition,
Microsoft
Starter
OPTIONS
Basic
Select
Enterprise Request
Microsoft
Deny
OPTIONS
Windows
Edition,
Edition,
AES128-SHA:DHE-
configuration:
SHA256:DHE-DSS- Method S_256_CBC_SHA
S_256_CBC_SHA25
SHA256:ECDHE-
EXPORT:!DES:!
filtering
Windows
Verb from and Vistachange
the N text TLS_RSA_WITH_AE
Edition,
into
Vista
Microsoft
for the
nginx
DSS-AES128- Microsoft
provided
Business Windows 7 S_256_GCM_SHA3
AES256-SHA:DHE-
ECDSA-AES128-
RC4:!3DES:!MD5:!
to HTTP
Ultimate verb
Edition, tab 6
actions
Windows
box
Edition,
*
7, nginxand
Microsoft
Home,
SHA256:DHE-RSA- paneVista
press
Microsoft
nginx
Basic NOK
The server is configurVulnerable ECDHE-RSA-
RSA-AES256-SHA:!
GCM-
PSK
Microsoft
Business Windows
Edition, 84 *
Windows
Edition,
AES256- Disable
AES128-GCM-
aNULL:!eNULL:!
SHA256:ECDHE- Vista
7 HTTP
Home,
Microsoft TLS_RSA_WITH_AE
*
The Web form Vista Select
Enterprise
* Disable
MicrosoftType Deny
OPTIONS
Windows
Starter
OPTIONS
Basic
Windows
SHA256:DHE-DSS-
SHA256:ECDHE-
EXPORT:!DES:!
RSA-AES256-GCM- Edition,
Edition, 7Method
the
Home, S_256_CBC_SHA25
TLS_RSA_WITH_AE
contains passwords Verb
Edition,
into
Vista from
the the
Microsoft
provided
Business N text
Microsoft
for
OPTIONS
Premiumnginx
AES256-SHA:DHE-
ECDSA-AES128-
RC4:!3DES:!MD5:!
SHA384:ECDHE- Windows
method
Edition, 7 6
by S_256_GCM_SHA3
or other sensitive actions
Windows
box
Edition,
* nginxandBasic paneVista
press
Microsoft
nginx OK 7
The fields
serverfor
is which
configurVulnerable 7, Microsoft
Home,
adding
Microsoft
RSA-AES256-SHA:!
GCM-
PSK
ECDSA-AES256- the N
following
Windows 84
text Business
Windows Disable Edition,
Vista
HTTPN
Edition,
line
Home, to your
aNULL:!eNULL:!
SHA256:ECDHE-
GCM-SHA384:DHE- 7
Premium Home,
Microsoft
server *
the browser auto- *
Microsoft
Starter
OPTIONS Type OPTIONS
Windows
Edition,
Method
Basic
Windows
block,
Edition,
EXPORT:!DES:!Edition,
Disable
you
RSA-AES256-GCM-
RSA-AES128-GCM- 7cantheadd TLS_RSA_WITH_AE
Home,
Microsoft
complete feature is Disable
into
Vista
Microsoft
for the
nginx provided
Business Windows text
N by
OPTIONS
Premium
other
Windows HTTP
RC4:!3DES:!MD5:! 7method
Edition,
methods
Ultimate 7
enabled. Auto- SHA384:ECDHE-
SHA256:DHE-DSS-
autocomplete
box
Edition,
* nginx
7, and
Microsoft press
Microsoft
nginx for
OK all *S_256_GCM_SHA3
The serverstores
is configurVulnerable Home,
adding
Microsoft
to be
Edition,
PSK Basic
the
allowed
ECDSA-AES256-
AES128-GCM- Microsoft N
following
Windowsto run 7 84 Negotiated with
complete sensitive fields
Vista
completed form field afterDisable
Windows
Edition,
line
Home,
Windows toPOST
your
GCM-SHA384:DHE-
SHA256:kEDH+AES
7 HTTPN
Home,
Microsoft
7 server
Premium Ultimate the following
Starter
OPTIONS
Basic
Windows
block,
Edition,
N Edition, youEdition,
Edition,
Disable Method
theadd
7Microsoft
Home,
can
Microsoft
and passwords RSA-AES128-GCM-
GCM:ECDHE-RSA- insecure cipher
for nginx
Microsoft
OPTIONS
Premium
other
Windows HTTP
limit_except Windows
7method
Edition,
methods
Ultimate
GET 7 *
by
locally in the SHA256:DHE-DSS-
AES128-
For
* nginxeach sensitive
nginx suites:
HTTP OPTIONS Metho Web servers that respVulnerable 7, Microsoft
Home,
adding
Microsoft
to be allowed
Edition,
POST Basic
the
{theMicrosoft
deny N
following
Windowsto run
all; 7 OPTIONS
} set method
browser, so that Enterprise
AES128-GCM-
SHA256:ECDHE-
field in
Disable
Edition,
HTML,
HTTP * Negotiated
TLS 1.2 withreturned values including i
ciphers:
Windows
Edition,
line
Home,
after
Windows
MicrosofttoPOST
your 7 server
Premium
7 Home,
Microsoft
Ultimate
Windows N 7 the following
these fields are filled SHA256:kEDH+AES
ECDSA-AES128-
the
OPTIONS "autocomplete" Method *
Basic
Windows
block,
Edition,
N Edition,
Enterprise Edition,
Disable
you the
7Microsoft
Home,
can
Microsoft
N add insecure cipher
Edition,
automatically when GCM:ECDHE-RSA-
SHA256:ECDHE-
attribute
for nginx toEdition,
"off". Forby TLS_RSA_WITH_AE
Microsoft
OPTIONS
Premium
other
Windows HTTP
limit_except
Microsoft Windows
7 method
methods
Ultimate
Windows GET 7
7 suites:
the user visits the AES128-
RSA-AES128-
example: S_128_CBC_SHA
HTTP OPTIONS Metho Web servers that respVulnerable Home,
adding
Microsoft
to be
Edition,
POST
Enterprise
Professional Basic
the
allowed
Microsoft
{ deny N
following
Windowsto run
all; }
Edition,
Edition, 7 OPTIONS method returned values including i
site again. SHA256:ECDHE-
SHA:ECDHE- * TLS 1.2 ciphers:
Edition,
line toPOST
Home,
after
Windows
Microsoft yourMicrosoft
7 server
Premium Ultimate
Windows N 7
ECDSA-AES128-
<input Disable the *
Windows
block,
Edition,
N Edition,
Enterprise
Starter you 7Microsoft
NHome,
can
Microsoft
Edition, add
Edition,
Sensitive data and SHA256:ECDHE-
SHA:ECDHE-RSA-
type="password"
OPTIONS method by TLS_RSA_WITH_AE
Premium
other
Windows HTTP
limit_except
Microsoft Edition,
7 methods
Ultimate
Windows GET 7 S_128_CBC_SHA25
passwords can berespVulnerable RSA-AES128-
AES256-
autocomplete="off"
Disable
adding insecure
the following S_128_CBC_SHA
HTTP OPTIONS Metho Web servers that Microsoft
to
POSTbe allowed
Edition,
Enterprise
Professional
Starter {N denyWindows
Microsoft all;
Edition, } 7 OPTIONS method returned values including i
to run
Edition,
Edition,
SHA:ECDHE-
SHA384:ECDHE-
stolen if the user's name="pw">
TLS/SSL
line
Home,
after
Windows
Microsoft
Microsoft
to your
POST protocol
Premium server
7 Ultimate
Windows
Windows N 7 6
system is ECDSA-AES128-
ECDSA-AES256-
support
block, you can add *
Edition,
N Edition,
Enterprise
Starter
8, Microsoft Microsoft
Microsoft
N Edition, TLS_RSA_WITH_AE
Edition,
compromised. SHA:ECDHE-RSA-
SHA384:ECDHE-
If there
other HTTP are many
methods *
Windows
Windows
AES256-
limit_except
Microsoft
RSA-AES256-
fields, it{ deny
may 8 Ultimate
7
Windows
be
GET 7 S_128_CBC_SHA25
TLS_RSA_WITH_AE
HTTP OPTIONS Metho Web servers that respVulnerable to
POSTbe
Edition,
Enterprise
Professional
Starter allowed
Microsoft to
all;
Edition, run
}
Edition, 6 OPTIONS method returned values including i
Note, however, that Enterprise
SHA384:ECDHE-
SHA:ECDHE-
faster
Configure
after
Windows
Microsoft toNset
POST
Edition,
Edition,
7the server7 S_128_GCM_SHA2
the
Ultimate
Windows
Microsoft Windows
form auto-complete ECDSA-AES256-
"autocomplete"
to
N require
Edition,
Enterprise
Starter clients
Microsoft
N Edition,
Edition, to 8 56
Edition,
is a non-standard, 8, Microsoft
Professional
SHA384:ECDHE-
SHA:DHE-RSA-
attribute to "off" in *
use
Windows
MicrosoftTLS
limit_exceptversion
7
Windows 1.2
GET 7
browser-side feature Windows
Microsoft
RSA-AES256-
AES128-
the outer 8
Windows
<form> tag.8 TLS_RSA_WITH_AE
*
HTTP OPTIONS Metho Web servers that respVulnerable using
POST
Enterprise
Professional
Starter Authenticated
{Ndeny all; }
Edition,
Edition,
Edition, OPTIONS method returned values including i
that each browser Enterprise
RT, Microsoft
SHA:ECDHE-
SHA256:DHE-RSA-
For example: Edition, S_128_GCM_SHA2
TLS_RSA_WITH_AE
Encryption
Microsoft
Microsoft with
Windows
Windows 7
Windows
ECDSA-AES256-
AES128-SHA:DHE- Longhorn 8 56
handles differently. Associated
Enterprise
Starter
8, Microsoft
Professional
Server Edition,
Beta Edition, S_256_CBC_SHA
NData
Edition,
Opera, for example, SHA:DHE-RSA-
DSS-AES128-
<form
(AEAD) capable
Microsoft
Windows
Microsoft
Disable Windows
8 TCP 7
Windows 8
TLS Server Supports disregards the
The PCI (Payment Card
Vulnerable AES128-
SHA256:DHE-RSA-
action="/login.jsp"
ciphers. *
Professional
Starter
Enterprise
RT,
timestamp N Edition,
Microsoft Edition, Successfully connected over TLSv1.1
Edition,
feature, requiring the SHA256:DHE-RSA-
AES256-
autocomplete="off" TLS_RSA_WITH_AE
Microsoft
Windows
responses Windows
on<input8
Longhorn 7
user to enter AES128-SHA:DHE-
SHA256:DHE-DSS-
name="pw"> S_256_CBC_SHA
S_256_CBC_SHA25
Starter
8, Microsoft
Professional
Server
Windows Edition,
Beta Edition,
versions
DSS-AES128-
AES256-SHA:DHE-
credentials for each type="password"
Microsoft
Windows
Microsoft
since Disable
Vista Windows
8 TCP 8
Windows 7 6
Autocomplete enabledWeb site visit. Vulnerable SHA256:DHE-RSA-
RSA-AES256-SHA:!
name="pw"> </form> Form* with action https://truespot.com/wp-logi
Starter
Enterprise
RT,
timestamp N
Microsoft Edition,
Edition,
AES256-
*
Microsoft
Windows
responses
SHA256:DHE-DSS- Windows
Longhorn
on 8 S_256_CBC_SHA25
EXPORT:!DES:!
8, Microsoft TLS_RSA_WITH_AE
Professional
Server
Windows TCP
AES256-SHA:DHE- Beta Edition,
versions
timestamps 6
RC4:!3DES:!MD5:!
Windows 8reliably S_256_GCM_SHA3
Microsoft
since
cannot Disable
Vista
RSA-AES256-SHA:! beWindowsTCP 8 84
Enterprise Edition,
RT,
timestamp
disabled Microsoft
aNULL:!eNULL:! on this OS. *
Microsoft
Windows
responses
If TCP timestamps Windows
Longhorn
on 8
Professional
Server
Windows
present TCP Beta Edition,
versions
timestamps
enough of a S_256_GCM_SHA3
RC4:!3DES:!MD5:!
Microsoft
since
cannot
risk, Disable
Vistabe Windows
TCP
reliably 8
The server is configurVulnerable PSK put a firewall 84
RT,
timestamp
disabled
capable Microsoft onblocking
of this OS.
Windows
responses
If
TCPTCP Longhorn
on
timestamps
timestamp
Server
Windows
present
packets TCP Beta versions
intimestamps
enoughfront of of a
TCP timestamp respoThe remote host respoVulnerable the Disable
since
cannot
risk, Vista
put
affected be TCP
reliably
a firewall
assets. Able to determine system boot time.
timestamp
disabled
capable of onblocking
this OS.
responses
If
TCPTCP on
timestamps
timestamp
Windows
present
packets TCPenough versions
intimestamps
front of of a
TCP timestamp respoThe remote host respoVulnerable since
cannot
risk, Vista
put
the affected be reliably
a firewall
disabled
this OS.
If
TCPTCP timestamps
timestamp
present
packets TCPenough intimestamps
front of of a
TCP timestamp respoThe remote host respoVulnerable cannot
risk, putbe
the affected reliably
a firewall
disabled
this OS.
If
TCPTCP timestamps
timestamp
present
packets enough in front of of a
TCP timestamp respoThe remote host respoVulnerable risk, put a firewall
the affected assets. Able to determine system boot time.
capable of blocking
TCP timestamp
packets in front of
TCP timestamp respoThe remote host respoVulnerable the affected assets. Able to determine system boot time.
TCP timestamps
cannot be reliably
disabled on this OS.
If TCP timestamps
present enough of a
risk, put a firewall
capable of blocking
TCP timestamp
packets in front of
TCP timestamp respoThe remote host respoVulnerable the affected assets. Able to determine system boot time.
Vulnerability CVE IDService Port Service Protocol Vulnerability Age Vulnerable Since
80 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
CVE-2014-6071 443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
fully connected over TLSv1.0 443 tcp 31 Days 21/05/2022
CVE-2011-3389 443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
22 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
S method returned values including i 443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022

443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
fully connected over TLSv1.1 443 tcp 31 Days 21/05/2022
h action https://truespot.com/wp-logi 443 tcp 31 Days 21/05/2022
454 tcp 31 Days 21/05/2022
443 tcp 31 Days 21/05/2022
etermine system boot time. 0 ip 0 Days 21/06/2022

Vulnerability Refer Service Name Service Product Exploit Count Exploit URLs
https://www.owasp.or HTTP IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS nginx 0
HTTPS IIS 10.0 0
https://www.owasp.or HTTPS IIS 10.0 0



https://www.owasp.or HTTPS nginx 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0

HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0

HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS nginx 0
HTTPS nginx 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
SSH OpenSSH 7.4p1 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0

HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS IIS 10.0 0
HTTPS nginx 0
HTTPS 0
HTTPS IIS 10.0 0
System 0
System 0
System 0
System 0
System 0
System 0
Asset ID Vulnerability Tags Custom Tag
532771 Database,Microsoft,Microsoft SQL Server,OWASP_2010,OWASP_2013,SQL Injection,Web,Web Spider
532765 HTTP,Web
532760 HTTP,Web
532757 HTTP,Web
532767 HTTP,Web
532764 HTTP,Web
532766 HTTP,Web
532758 HTTP,Web
532763 HTTP,Web
532768 HTTP,Web
532762 HTTP,Web
532770 HTTP,Web
532772 HTTP,Web
532771 HTTP,Web
532761 HTTP,Web
532759 HTTP,Web
532762 Microsoft,Microsoft ASP.NET,OWASP_2010,OWASP_2013,Web,Web Spider

532765 OWASP_2010,OWASP_2013,Web,Web Spider


532761 Apache,Information Gathering,Microsoft,Microsoft ASP.NET,Microsoft IIS,OWASP_2010,OWASP_2013,Web,Web
532761 Apache,Information Gathering,Microsoft,Microsoft ASP.NET,Microsoft IIS,OWASP_2010,OWASP_2013,Web,Web
532765 HTTP,OWASP_2010,OWASP_2013,Web,Web Spider

532762 XSS,jQuery

532761 Network
532761 Network
532761 Network,SSH
532765 Network
532765 Network
532760 Network
532760 Network
532757 Network
532757 Network
532767 Network
532767 Network
532764 Network
532764 Network
532766 Network
532766 Network
532758 Network
532758 Network
532763 Network
532763 Network
532768 Network
532768 Network
532762 Network
532762 Network
532765 HTTP,Web
532767 HTTP,Web
532764 HTTP,Web
532766 HTTP,Web
532763 HTTP,Web
532768 HTTP,Web
532770 Network
532769 Network
532772 Network
532771 Network
532773 Network
532770 HTTP,Web
532769 HTTP,Web
532772 HTTP,Web
532771 HTTP,Web
532773 HTTP,Web
532761 Network
532759 Network
532759 Network
532762 Network
532763 Network
532766 Network
532767 Network
532765 Network
532761 Network
ction,Web,Web Spider
P_2010,OWASP_2013,Web,Web Spider
P_2010,OWASP_2013,Web,Web Spider
Remediation Status Comments
Running on the latest version of ASP.NET. See screen capture. Can this be
Open Item confimed?
Open Item Site not needed - decommissioned
Updated web.Config to set HttpOnly=true and httpCookies requireSSL=true

Open Item parameters. See screen capture. All affected applications TBD 23 August.




Open Item Component not necessary - removing from site configuration.
Open Item Component not necessary - removing from site configuration.
Open Item HTTPS transport enabled. See screen capture.
Ticket DO-122 explains the cipher status. This is considered minimal risk for these
Open Item applications but pinning for future resolution.
Vulnerability
Out-of-date (ASP.NET MVC)
Expired SSL Certificate
HTTP Strict Transport Security (HSTS) Policy Not Enabled

Out-of-date Version (Bootstrap)
Out-of-date Version (jQuery)
SSL/TLS Not Implemented
Weak Ciphers Enabled

URL Method Severity
http://dealerapi.truespot.com/ GET High
https://adminapi.truespot.com/ GET Medium
https://betaadminapi.truespot.com/ GET Medium
https://rtls.truespot.com/ GET Medium
https://dealerapi.truespot.com/ GET Medium
https://auth.truespot.com/ GET Medium

https://betaadminapi.truespot.com/Scripts/bootstrap.js GET Medium
https://betaadminapi.truespot.com/Scripts/jquery-1.10.2.js GET Medium
https://automotive.truespot.com/ GET Medium
https://betaadminapi.truespot.com/ GET Medium
https://auth.truespot.com/ GET Medium
https://dealerapi.truespot.com/ GET Medium
https://rtls.truespot.com/ GET Medium

Parameter ParameterType Parameter Value
Updated web.Config to set HttpOnly=true and httpCookies requireSSL=true parameters.
Open Item See screen capture. All affected applications TBD 23 August.
Open Item New site launch - rescan after 12 August
Open Item New site launch - rescan after 12 August
Vulnerability URL
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://betaadmin.truespot.com/
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://dealer.truespot.com/
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://lm360.truespot.com/
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://valuecalc.truespot.com/

HTTP Strict Transport Security (HSTS) Policy Not Enabled https://www.truespot.com/
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://admin.truespot.com/
HTTP Strict Transport Security (HSTS) Policy Not Enabled https://recon.truespot.com/
Weak Ciphers Enabled https://lm360.truespot.com/
Weak Ciphers Enabled https://dealer.truespot.com/
Weak Ciphers Enabled https://betaadmin.truespot.com/
Weak Ciphers Enabled https://admin.truespot.com/
Weak Ciphers Enabled https://valuecalc.truespot.com/

Weak Ciphers Enabled https://www.truespot.com/
Weak Ciphers Enabled https://recon.truespot.com/

Method Severity Parameter ParameterType Parameter Value
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
GET Medium
Open Item Development resouces - considered out-of-scope
Vulnerability
Expired SSL Certificate
URL Method
https://zz-env-dev-recon.truespot.com/%3Cscript%3Ealert(0)%3C/script%3E GET
https://lotmgmt-d-us-c-web.azurewebsites.net/ GET
https://zz-dev-admin.truespot.com/ GET
https://devmoloadmin.azurewebsites.net/ GET
https://zz-dev-dealer.truespot.com/ GET
https://zz-env-dev-recon.truespot.com/ GET
https://zz-dev-dealer.truespot.com/ GET
https://lotmgmt-d-us-c-web.azurewebsites.net/ GET
https://zz-dev-admin.truespot.com/ GET
https://devmoloadmin.azurewebsites.net/ GET
https://zz-env-dev-recon.truespot.com/ GET
Severity Parameter ParameterType Parameter Value
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Medium
Color Coding Guide for ASV Vulnerability Workbook
In an effort to ensure your remediation and process to dispute findings is seamless, Specialized Security Services, Inc. has cre
The client will highlight the workbook(s) using the following table:
Red Highlight Open item, Client needs to provide S3 documentation with how the vulnerability was resolved.
Light Green Highlight False Positive vulnerabilities, Client Provided S3 Evidence Validating False Positive
Light Blue Highlight Client Provided S3 Evidence of Remediation
Pink Highlight Compensating Control, Client mitigates and accepts the Risk and Documents the Control
Orange Highlight Decommissioned assets or vendor managed hardware, Client provided S3 evidence of Decommissio
Yellow Highlight New vulnerability, does not affect current quarter compliance but remediation strongly recommended
Gray Highlight Passing vulnerability, does not affect compliance but remediation recommended
Please include evidence for ALL VULNERABILITIES; false positives, remediation, compensating control and/or decomm
Please use the first column on the report tab for comments or status.
d Security Services, Inc. has created a Color Coding system. Please use the following color coding to mark your ASV workbooks:
vulnerability was resolved.

g False Positive
ocuments the Control

ded S3 evidence of Decommissioned Asset
mediation strongly recommended
commended
nsating control and/or decommissioned assets. Specialized Security Services will need all evidence labeled with IP address and vulner
SV workbooks:
h IP address and vulnerability references (CVE or Vulnerability Title) so that Specialized Security Services, Inc. can valide these efforts effe
n valide these efforts effectively.
Row 1.3-17
Rows 1.29-35, 1.37-55

Row 2.2
Row 2.11

S3 Vulnerability Analysis RemPlan v2

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

S3 Vulnerability Analysis RemPlan v2

Uploaded by

Copyright:

Available Formats

Remediation Status Comments Asset IP Address

Can S3 provide details of the web server reply? There is no SQL DB

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Code updated to remove the application routing for the ASP.NET

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Updated web.Config to set HttpOnly=true and httpCookies

Open Item New site launch - rescan after 12 August 157.245.241.189

Open Item New site launch - rescan after 12 August 157.245.241.189

Open Item New site launch - rescan after 12 August 157.245.241.189

Open Item New site launch - rescan after 12 August 157.245.241.189

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Code updated to remove the application routing for the ASP.NET

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Added custom header X-Frame-Options value="DENY" to web.Config

Code updated to remove the application routing for the ASP.NET