caslite.axisbank.co.in - Githubissues

anand-bhat / httpswatch

Track usage and HTTPS configuration of websites that are expected to be secure.

https://anand-bhat.github.io/httpswatch/

GNU General Public License v3.0

4 stars 1 forks source link

caslite.axisbank.co.in #32

Open anand-bhat opened 8 years ago

anand-bhat commented 8 years ago

Organization: Axis Bank Type: Private-sector bank

Host: caslite.axisbank.co.in Function: ?

https://www.ssllabs.com/ssltest/analyze.html?d=caslite.axisbank.co.in

Grade: F

Issues:

Heartbleed
CVE-2014-0224
CVE-2016-2107
Not trusted
POODLE (SSL)
SSLv3
RC4
Incomplete chain
No FS

All IP addresses that use this certificate and are vulnerable to Heartbleed:

115.112.85.207
2403:0:100:1c:0:0:0:86
202.191.184.207

anand-bhat commented 8 years ago

When contacted for a security contact via DM (@AxisBank) on 2016-08-29, was asked to provide details via a DM. Details sent on 2016-08-30 and acknowledged ("Hi, thanks for sharing the details. We’ve shared the same with the relevant team.")

anand-bhat commented 7 years ago

Contacted CERT-In via incident@cert-in.org.in on 2016-10-04. Provided evidence on 2016-10-05.

anand-bhat commented 7 years ago

Reminded on 2016-11-07.

anand-bhat commented 7 years ago

Grade improved to A when checked on 2016-12-06.

anand-bhat commented 7 years ago

Site uses revoked certificate. Grade downgraded to F when checked on 2017-07-04.