pragati.axisbank.co.in - Githubissues

anand-bhat / httpswatch

Track usage and HTTPS configuration of websites that are expected to be secure.

https://anand-bhat.github.io/httpswatch/

GNU General Public License v3.0

4 stars 1 forks source link

pragati.axisbank.co.in #28

Open anand-bhat opened 8 years ago

anand-bhat commented 8 years ago

Organization: Axis Bank Type: Private-sector bank

Host: pragati.axisbank.co.in Function: ?

https://www.ssllabs.com/ssltest/analyze.html?d=pragati.axisbank.co.in

Grade: F

Issues:

Heartbleed
CVE-2014-0224
CVE-2016-2107
POODLE (SSL)
Weak DH
Incomplete chain
RC4
SSLv3
No FS

All IP addresses that use this certificate and are vulnerable to Heartbleed:

115.112.85.98
2403:0:100:1c:0:0:0:152
36.255.28.98
202.191.184.98

anand-bhat commented 8 years ago

When contacted for a security contact via DM (@AxisBank) on 2016-08-29, was asked to provide details via a DM. Details sent on 2016-08-30 and acknowledged ("Hi, thanks for sharing the details. We’ve shared the same with the relevant team.")

anand-bhat commented 7 years ago

Contacted CERT-In via incident@cert-in.org.in on 2016-10-04. Provided evidence on 2016-10-05.

anand-bhat commented 7 years ago

Reminded on 2016-11-07.

anand-bhat commented 7 years ago

Grade improved to B when checked on 2016-12-06.