Summary

Acunetix 360 detected that a certificate is signed using a weak signature algorithm.

The weak signature algorithm is known to be cryptographically weak and vulnerable to collision attacks.

Impact

Attackers can observe the encrypted traffic between your website and its visitors by leveraging the use of this vulnerability.

Remediation

You'll need to generate a new certificate request, and get your CA to issue you a new certificate using SHA-2.

Severity

High

Classification

PCI v3.2-6.5.4 CAPEC-459 ISO27001-A.10 WASC-4 OWASP 2013-A6 OWASP 2017-A3