Vulnerability Report
Vulnerability Report
Vulnerability Report
SETIS EVS 01
Prepared for SETIS Automação e Sistemas Ltda
Completed 2023-10-05 12:19:59 CDT
Job ID: 4350554
1
Table of Contents
1. Overview ........................................................................................................................................................................................................................ 3
2. Findings Summary ........................................................................................................................................................................................................ 4
3. Findings ......................................................................................................................................................................................................................... 5
4. Targets ........................................................................................................................................................................................................................... 20
5. Scan Inventory ............................................................................................................................................................................................................... 21
6. Exception Vulnerability & Policy Violations ................................................................................................................................................................. 22
2
Overview
Service: Internal/External Network Self-Service
Started 2023-10-05 11:41:55 CDT
Duration 0 days 0 hours 38 minutes
3
Findings Summary
Severity Title KB ID Count Page
High SSL Certificate is Not Trusted (External Scan) SLID-2008-0150 1 assets / 1 instances / 0 excepted 5
Medium SSL Certificate Common Name Does Not Validate (External Scan) SLID-2008-0159 1 assets / 1 instances / 0 excepted 6
Info No Hostname Entered For This Web Server SLID-2010-0639 1 assets / 1 instances / 0 excepted 11
Info SSL Perfect Forward Secrecy Supported SLID-2008-0144 2 assets / 2 instances / 0 excepted 13
Info Web Application Potentially Sensitive CGI Parameter Detection SLID-2010-0706 5 assets / 6 instances / 0 excepted 17
4
Findings
High SSL Certificate is Not Trusted (External Scan) 1 assets / 1 instances / 0 excepted
Authentication/Digital Certificate/Certificate Chain of Trust SLID-2008-0150
Description It was not possible to validate the SSL certificate, and thus it could not be trusted. Users may receive a security warning when
using this service. This occurs because either the certificate or a certificate in its chain has issues that prevent validation.
Some examples of these issues are, but not limited to, a certificate having expired, the hostname does not have match the
name on the certificate, or the certificate is not signed by a well-known Certificate Authority (CA).
CVE CVE-NO-MATCH
CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVSS Score 7.3
Remediation Please refer to the evidence for more details as to why this finding has been flagged. In cases where there are validation errors
within the certificate chain, you will need to work with your certificate authority. A mismatch between the certificate common
name and the configured scan target can indicate an issue with the scan configuration. E.g. an IP address was provided when
it should have been a URL. Please check your scan configuration and ensure that the target has been set as a URL/domain. If
this digital (SSL) certificate is associated with a service accessible to the general public, you may want to consider acquiring a
digital (SSL) certificate from a well-known Certificate Authority (CA), keep it up to date and not let your certificate expire.
Consider buying a SecureTrust™ SSL certificate here: https://certs.securetrust.com For more information about digital (SSL)
certificates, visit https://www.trustwave.com/Resources/Trustwave-Blog/Secure-Websites-Are-Now-the-Norm--Is-Yours-
Trusted-/? Please note that other Approved Scanning Vendors (ASV), or other testing services may only look for this
vulnerability on port 443. Please refer to the "port" column to confirm which port we have identified this vulnerability on."
5
Medium SSL Certificate Common Name Does Not Validate (External Scan) 1 assets / 1 instances / 0 excepted
Authentication/Digital Certificate/Certificate Mismatch SLID-2008-0159
Description This SSL certificate has a common name (CN) that does not appear to match the identity of the server. Modern browsers may
present a warning to users who attempt to browse this service as it is currently configured. Note that in some networks in
which load balancers are used, it may not be possible for the scanner to perform this test correctly.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS Score 6.8
Remediation Check your certificate to ensure it is installed on the correct service. Verify that you have added the domain name or fully
qualified virtual host name of the system to your Network Questionnaire. Please refer to the evidence for more details as to
why this finding has been flagged. In cases where there are validation errors within the certificate chain, you will need to work
with your certificate authority. This finding often results when there is an issue with the scan configuration. E.g. an IP address
was provided when it should have been a URL. Please check your scan configuration and ensure that the scan target has been
set as a URL/domain. Additionally, check your DNS servers to ensure that the domain name is properly mapped to the correct
IP address. Please note the port associated with this finding. This finding may NOT be originating from port 443, which is what
most online testing tools check by default.
6
Info Enumerated Applications 3 assets / 3 instances / 0 excepted
Information/Service Discovery SLID-2011-0699
7
Info Enumerated Hostnames 2 assets / 2 instances / 0 excepted
Information SLID-2011-0758
Description This list contains all hostnames discovered during the scan that are believed to belong to this host.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation No action is required.
8
Info Enumerated SSL/TLS Cipher Suites 2 assets / 2 instances / 0 excepted
Information Leak/Host Fingerprinting SLID-2013-0102
Description The finding reports the SSL cipher suites for each SSL/TLS service version provided by the remote service. This finding does
not represent a vulnerability, but is only meant to provide visibility into the behavior and configuration of the remote SSL/TLS
service. The information provided as part of this finding includes the SSL version (ex: TLSv1) as well as the name of the cipher
suite (ex: RC4-SHA). A cipher suite is a set of cryptographic algorithms that provide authentication, encryption, and message
authentication code (MAC) as part of an SSL/TLS negotiation and through the lifetime of the SSL session. It is typical that an
SSL service would support multiple cipher suites. A cipher suite can be supported by across multiple SSL/TLS versions, so you
should be of no concern to see the same cipher name reported for multiple
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation No remediation is necessary.
References http://www.openssl.org/docs/apps/ciphers.html
9
Info Host Detected 2 assets / 2 instances / 0 excepted
Information/Service Discovery SLID-2018-0020
10
Info No Hostname Entered For This Web Server 1 assets / 1 instances / 0 excepted
Information/Service Configuration SLID-2010-0639
Description This host is running a web server and does not have a fully-qualified domain name (i.e. www.example.com) associated with it.
CVE CVE-NO-MATCH
CVSS Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
CVSS Score 0.0
Remediation If your organization owns a domain name that corresponds to this web server, add it to the scan parameters from within the
TrustKeeper portal.
11
Info SSL Certificate Expiring Soon 2 assets / 2 instances / 0 excepted
Authentication/Digital Certificate/Certificate Expiration SLID-2008-0160
Description This SSL certificate is currently valid; however, it is set to expire in the near future.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation Contact your Certificate Authority (CA) to have a new certificate issued prior to the expiration date. Please note the port
associated with this finding. This finding may NOT be originating from port 443, which is what most online testing tools check
by default.
12
Info SSL Perfect Forward Secrecy Supported 2 assets / 2 instances / 0 excepted
Information/Service Configuration SLID-2008-0144
Description The server supports Ephemeral Diffie-Hellman ciphers for the SSL/TLS key exchange phase. Using this algorithm enforces
Forward Secrecy for secure communications with the server.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation No remediation is necessary.
13
Info SSL-TLS Certificate Information 2 assets / 2 instances / 0 excepted
Information/Service Discovery SLID-2017-0430
Description Information extracted from a certificate discovered on a TLS or SSL wrapped service.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
14
Info Service Detected 2 assets / 2 instances / 0 excepted
Information/Service Discovery SLID-2018-0022
15
Info TLSv1.2 Supported 2 assets / 2 instances / 0 excepted
Cryptography SLID-2020-0032
16
Info Web Application Potentially Sensitive CGI Parameter Detection 5 assets / 6 instances / 0 excepted
Information Leak/Exposed Data/Sensitive Information SLID-2010-0706
Description According to their names, some CGI parameters may control sensitive data (e.g., ID, privileges, commands, prices, credit card
data, etc.). In the course of using an application, these variables may disclose sensitive data or be prone to tampering that
could result in privilege escalation.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation The parameters for this server should be examined to determine what type of data is controlled and if it poses a security risk.
17
Info Website Detected 3 assets / 3 instances / 0 excepted
Information/Service Discovery SLID-2018-0024
18
Info Wildcard SSL Certificate Detected 2 assets / 2 instances / 0 excepted
Authentication/Digital Certificate SLID-2008-0155
Description An SSL certificate with a wildcarded common name (CN) record (e.g., *.mydomain.com) was detected on this service.
CVE CVE-NO-MATCH
CVSS Vector AV:N/AC:L/Au:N/C:N/I:N/A:N
CVSS Score 0.0
Remediation Review your certificate configurations to assure that wildcard certificates are suitable for your application.
19
Targets
Augusta1.setis.com.br
augusta2.setis.com.br
20
Scan Inventory
Asset Domain OS Location Application
177.8.172.26:443/https/tcp
443/https/tcp
21
Exception Vulnerability & Policy Violations
None
22
CONFIDENTIAL INFORMATION - FOR INTERNAL USE ONLY
This document is the property of SETIS Automação e Sistemas Ltda ; it contains information that is proprietary, confidential or otherwise restricted
from disclosure. If you are not an authorized recipient, please return this document to the above-named owner. Dissemination, distribution copying or
use of this document in whole or in part by anyone other than the intended recipient is strictly prohibited without prior written permission of SETIS
Automação e Sistemas Ltda and Trustwave.
www.trustwave.com
23