Elvie DVE Reports

Elvie

Website: https://www.elvie.com/
Vulnerability disclosure address: None Yet
Status: Early discussions

DVE-2017-27

  • Date Posted:4/20/2017
  • Type of Vulnerability: Multiple SSL/TLS Implementation Issues
  • Products affected: https://v1-1api.chiaro.co.uk/
  • Found and reported by: RenderMan
  • Date Reported: 4/7/2017
  • Description: The SSL/TLS implementation on https://v1-1api.chiaro.co.uk/ (the API backend) receives an "F" rating on ssllabs.com due to weak and insecure cipher suites being allowed.
  • Remediation: The SSL/TLS implementation was reconfigured to only allow strong and secure ciphers and now receives an "A" rating.