SSL Untrusted Root Certificate

Description

Acunetix detected that the SSL Certificate is not signed by the trusted root.

Remediation

The process of fixing untrusted root certificate issues varies depending on the host or the certificate authority used. Please refer to the corresponding documentation.

References

SSL Untrusted Root Certificate | Invicti

Related Vulnerabilities

OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0465)

Joomla Improper Certificate Validation Vulnerability (CVE-2017-11364)

NuSOAP Improper Certificate Validation Vulnerability (CVE-2012-6071)

Squid Improper Certificate Validation Vulnerability (CVE-2023-46724)

Beego Framework Improper Certificate Validation Vulnerability (CVE-2024-40464)

Severity

Medium

Classification

CWE-295 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N