Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Citrix Gateway Open Redirect And XSS Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity CRIME SSL/TLS attack CVE-2012-4929 CWE-310 CWE-310 Medium HTTPS connection uses outdated TLS version CWE-310 CWE-310 Medium HTTPS connection with weak key length CWE-310 CWE-310 Medium Insecure Transportation Security Protocol Supported (TLS 1.1) CWE-326 CWE-326 Medium Insecure usage of Version 1 UUID/GUID CWE-328 CWE-328 Medium SSL/TLS Not Implemented CWE-319 CWE-319 Medium The FREAK attack CVE-2015-0204 CWE-310 CWE-310 Medium The POODLE attack (SSLv3 with CBC cipher suites) CVE-2014-3566 CWE-326 CWE-326 Medium TLS/SSL certificate key size too small CWE-310 CWE-310 Medium TLS/SSL LOGJAM attack CVE-2015-4000 CWE-310 CWE-310 Medium TLS/SSL Sweet32 attack CVE-2016-2183 CVE-2016-6329 CWE-310 CWE-310 Medium TLS/SSL Weak Cipher Suites CWE-310 CWE-310 Medium