Vulnerability disclosure address: None Yet
Status: Early discussions
- Date Posted:4/20/2017
- Type of Vulnerability: Multiple SSL/TLS Implementation Issues
- Products affected: https://v1-1api.chiaro.co.uk/
- Found and reported by: RenderMan
- Date Reported: 4/7/2017
- Description: The SSL/TLS implementation on https://v1-1api.chiaro.co.uk/ (the API backend) receives an "F" rating on ssllabs.com due to weak and insecure cipher suites being allowed.
- Remediation: The SSL/TLS implementation was reconfigured to only allow strong and secure ciphers and now receives an "A" rating.