View Vulnerability Tests (QIDs) for CertView Scans

CertView scans always use these QIDs.

QID

Vulnerability Title

Severity

38116

SSL Server Information Retrieval

Informational

38139

SSL Server Has SSLv2 Enabled Vulnerability  

Vulnerability - level 3

38142

SSL Server Allows Anonymous Authentication Vulnerability    

Vulnerability - level 4

38167

SSL Certificate - Expired    

Vulnerability - level 2

38168

SSL Certificate - Future Start Date    

Vulnerability - level 2

38169

SSL Certificate - Self-Signed Certificate    

Vulnerability - level 2

38170

SSL Certificate - Subject Common Name Does Not Match Server FQDN    

Vulnerability - level 2

38171

SSL Certificate - Server Public Key Too Small    

Vulnerability - level 2

38172

SSL Certificate - Improper Usage Vulnerability  

Vulnerability - level 2

38173

SSL Certificate - Signature Verification Failed Vulnerability    

Vulnerability - level 2

38174

SSL Certificate - Will Expire Soon    

Vulnerability - level 1

38182

Webmin Static SSL Key Vulnerability    

Vulnerability - level 5

38224

OpenSSL ASN.1 Parsing Vulnerabilities    

Vulnerability - level 5

38356

OpenSSL RSA Timing Attack Vulnerability    

Vulnerability - level 4

38477

SSL Insecure Protocol Negotiation Weakness    

Vulnerability - level 2

38596

TLS Protocol Session Renegotiation Security Vulnerability    

Potential Vulnerability - level 5

38597

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Invalid Protocol Version Tolerance

Informational 

38598

Deprecated Public Key Length    Potential

Vulnerability - level 2

38599

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Compression Algorithm Information Leakage Vulnerability    

Vulnerability - level 3

38600

SSL Certificate will expire within next six months     

Informational

38601

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Use of Weak Cipher Rivest Cipher 4 (RC4/ARC4/ARCFOUR)    

Vulnerability - level 3

38602

OpenSSL Multiple Remote Security Vulnerabilities    

Potential Vulnerability - level 4

38603

SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)    

Vulnerability - level 3

38604

TLS CBC Incorrect Padding Abuse Vulnerability    

Vulnerability - level 3

38605

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server Factoring RSA_EXPORT Keys Vulnerability (FREAK)    

Vulnerability - level 4

38607

SSL Server Diffie-Hellman passive listening attack Vulnerability    

Vulnerability - level 4

38608

SSL Server Diffie-Hellman Weak Encryption Vulnerability (Logjam)    

Potential Vulnerability - level 4

38609

SSL Server default Diffie-Hellman prime information  

Informational 

38610

SSL/TLS Server supports TLS_FALLBACK_SCSV  

Informational 

38626

OpenSSL oracle padding vulnerability (CVE-2016-2107)    

Vulnerability - level 4

38659

F5 BIG-IP TLS Vulnerability (Ticketbleed)    

Vulnerability - level 4

38695

TLS ROBOT Vulnerability Detected 

Vulnerability - level 4

38704

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Key Exchange Methods 

Informational

38706

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Protocol Properties  

Informational 

38764

TLS Padding Oracle Vulnerability (Zombie POODLE and GOLDENDOODLE)    

Vulnerability - level 3

42007

Debian OpenSSL Package Random Number Generator Weakness   

Vulnerability - level 5

42012

X.509 Certificate MD5 Signature Collision Vulnerability    

Vulnerability - level 2

42350

TLS Secure Renegotiation Extension Support Information    

Informational 

42366

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)   

Vulnerability - level 3

42430

OpenSSL Memory Leak Vulnerability (Heartbleed Bug)  

Vulnerability - level 4

45218

Authenticated Certificate Retrieval - Information  

Informational 

45231

Trusted Digital Certificates Enumerated From Windows Registry    

Informational 

48143

Qualys Correlation ID Detected    

Informational 

86000

Web Server Version    

Informational 

86001

SSL Web Server Version    

Informational 

86002

SSL Certificate - Information 

Informational 

86137

HTTP Strict Transport Security (HSTS) Support Detected    

Informational

105737

EOL/Obsolete Hardware: Cisco Application Control Engine (ACE) 30/4710 Secure Sockets Layer (SSL) Software Development Kit (SDK) Bleichenbacher Attack Information Disclosure Vulnerability (ROBOT)

Potential Vulnerability - level 5

120604

Oracle Java SE Critical Patch Update - October 2012 (ROBOT)    

Vulnerability - level 5

316174

Cisco ASA Bleichenbacher attack on TLS Information Disclosure Vulnerability(ROBOT)    

Vulnerability - level 4

370661

F5 BIG-IP OpenSSL Man in the Middle Vulnerability (K21905460) (ROBOT)    
 

Vulnerability - level 4

370683

Citrix NetScaler ADC and Gateway TLS Padding Oracle Vulnerability (CTX230238) (ROBOT)    

Vulnerability - level 4

38685  

 SSL Certificate - Invalid Maximum Validity Date Detected 

Vulnerability - level 2

38716 

Secure Sockets Layer (SSL) Certificate - Revoked    

Vulnerability - level 2

38717  

Secure Sockets Layer (SSL) Certificate Online Certificate Status Protocol (OCSP) Information    

Informational

38718 

Secure Sockets Layer (SSL) Certificate Transparency Information    

Informational 

45039

Host Names Found    

Informational 

42041 

Detection of certificates with vulnerable keys 1 (ROCA)    

Vulnerability - level 4

Good to Know

It is not possible to customize the QIDs for CertView scans by editing your option profile. If you change the scan options under Vulnerability Detection in the option profile, Certificate View ignores the settings and always uses the QIDs listed above.