CCF/tests/tls_report.csv

"ALPN","","INFO","http/1.1","",""
"BEAST","","OK","not vulnerable, no SSL3 or TLS1","CVE-2011-3389","CWE-20"
"BREACH","","OK","not vulnerable, no HTTP compression  - only supplied '/' tested","CVE-2013-3587","CWE-310"
"CCS","","OK","not vulnerable","CVE-2014-0224","CWE-310"
"CRIME_TLS","","OK","not vulnerable","CVE-2012-4929","CWE-310"
"DNS_CAArecord","","LOW","--","",""
"DROWN","","OK","not vulnerable on this host and port","CVE-2016-0800 CVE-2016-0703","CWE-310"
"DROWN_hint","","INFO","no RSA certificate, can't be used with SSLv2 elsewhere","CVE-2016-0800 CVE-2016-0703","CWE-310"
"FREAK","","OK","not vulnerable","CVE-2015-0204","CWE-310"
"HPKP","","INFO","No support for HTTP Public Key Pinning","",""
"HSTS","","LOW","not offered","",""
"HTTP_clock_skew","","INFO","Got no HTTP time, maybe try different URL?","",""
"HTTP_status_code","","INFO","404 NOT_FOUND ('/')","",""
"LOGJAM","","OK","not vulnerable, no DH EXPORT ciphers,","CVE-2015-4000","CWE-310"
"LOGJAM-common_primes","","OK","no DH key with <= TLS 1.2","CVE-2015-4000","CWE-310"
"LUCKY13","","OK","not vulnerable","CVE-2013-0169","CWE-310"
"NPN","","INFO","not offered","",""
"OCSP_stapling","","INFO","not offered","",""
"PFS","","OK","offered","",""
"PFS_ECDHE_curves","","OK","prime256v1 secp384r1 secp521r1","",""
"PFS_ciphers","","INFO","TLS_AES_256_GCM_SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 TLS_AES_128_GCM_SHA256 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"POODLE_SSL","","OK","not vulnerable, no SSLv3","CVE-2014-3566","CWE-310"
"RC4","","OK","not vulnerable","CVE-2013-2566 CVE-2015-2808","CWE-310"
"ROBOT","","OK","not vulnerable, no RSA key transport cipher","CVE-2017-17382 CVE-2017-17427 CVE-2017-17428 CVE-2017-13098 CVE-2017-1000385 CVE-2017-13099 CVE-2016-6883 CVE-2012-5081 CVE-2017-6168","CWE-203"
"SSL_sessionID_support","","INFO","yes","",""
"SSLv2","","OK","not offered","",""
"SSLv3","","OK","not offered","",""
"SWEET32","","OK","not vulnerable","CVE-2016-2183 CVE-2016-6329","CWE-327"
"TLS1","","INFO","not offered","",""
"TLS1_1","","INFO","not offered","",""
"TLS1_2","","OK","offered","",""
"TLS1_3","","OK","offered with final","",""
"TLS_extensions","","INFO","'renegotiation info/#65281' 'EC point formats/#11' 'session ticket/#35' 'supported versions/#43' 'key share/#51' 'supported_groups/#10' 'max fragment length/#1' 'application layer protocol negotiation/#16' 'extended master secret/#23'","",""
"TLS_session_ticket","","INFO","valid for 7200 seconds only (<daily)","",""
"TLS_timestamp","","INFO","random","",""
"banner_application","","INFO","No application banner found","",""
"banner_reverseproxy","","INFO","--","","CWE-200"
"banner_server","","INFO","No Server banner line in header, interesting!","",""
"cert","","INFO","----------","",""
"cert_caIssuers","","INFO","CCF Test Service","",""
"cert_certificatePolicies_EV","","INFO","no","",""
"cert_chain_of_trust","","CRITICAL","failed (chain incomplete).","",""
"cert_commonName","","OK","CCF Node","",""
"cert_commonName_wo_SNI","","INFO","CCF Node","",""
"cert_crlDistributionPoints","","INFO","--","",""
"cert_eTLS","","INFO","not present","",""
"cert_expirationStatus","","HIGH","expires < 30 days (0)","",""
"cert_extKeyUsage","","INFO","No server extended key usage information","",""
"cert_fingerprintSHA1","","INFO","","",""
"cert_fingerprintSHA256","","INFO","","",""
"cert_keySize","","OK","EC 384 bits","",""
"cert_keyUsage","","INFO","No server key usage information","",""
"cert_mustStapleExtension","","INFO","--","",""
"cert_notAfter","","HIGH","","",""
"cert_notBefore","","INFO","","",""
"cert_numbers","","INFO","1","",""
"cert_ocspURL","","INFO","--","",""
"cert_revocation","","HIGH","Neither CRL nor OCSP URI provided","",""
"cert_serialNumber","","INFO","","",""
"cert_serialNumberLen","","INFO","","",""
"cert_signatureAlgorithm","","OK","ECDSA with SHA384","",""
"cert_subjectAltName","","INFO","","",""
"cert_trust","","OK","Ok via SAN","",""
"cert_validityPeriod","","INFO","No finding","",""
"certificate_transparency","","INFO","--","",""
"certs_countServer","","INFO","1","",""
"certs_list_ordering_problem","","INFO","no","",""
"cipher_negotiated","","OK","TLS_AES_256_GCM_SHA384, 256 bit ECDH (P-256)","",""
"cipher_order","","OK","server","",""
"cipher_x1301","","INFO","x1301   TLS_AES_128_GCM_SHA256            ECDH 256   AESGCM      128      TLS_AES_128_GCM_SHA256","",""
"cipher_x1302","","INFO","x1302   TLS_AES_256_GCM_SHA384            ECDH 256   AESGCM      256      TLS_AES_256_GCM_SHA384","",""
"cipher_xc02b","","INFO","xc02b   ECDHE-ECDSA-AES128-GCM-SHA256     ECDH 521   AESGCM      128      TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","",""
"cipher_xc02c","","INFO","xc02c   ECDHE-ECDSA-AES256-GCM-SHA384     ECDH 521   AESGCM      256      TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","",""
"cipherlist_3DES_IDEA","","INFO","not offered","","CWE-310"
"cipherlist_AVERAGE","","INFO","not offered","","CWE-310"
"cipherlist_EXPORT","","OK","not offered","","CWE-327"
"cipherlist_LOW","","OK","not offered","","CWE-327"
"cipherlist_NULL","","OK","not offered","","CWE-327"
"cipherlist_STRONG","","OK","offered","",""
"cipherlist_aNULL","","OK","not offered","","CWE-327"
"cipherorder_TLSv1_2","","INFO","ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"cipherorder_TLSv1_3","","INFO","TLS_AES_256_GCM_SHA384 TLS_AES_128_GCM_SHA256","",""
"clientsimulation-android_442","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-android_500","","INFO","TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"clientsimulation-android_60","","INFO","TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256","",""
"clientsimulation-android_70","","INFO","No connection","",""
"clientsimulation-android_81","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-android_90","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-android_X","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-apple_ats_9_ios9","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-chrome_74_win10","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-chrome_79_win10","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-edge_15_win10","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-edge_17_win10","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-firefox_66_win81","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-firefox_71_win10","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-ie_11_win10","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-ie_11_win7","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-ie_11_win81","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-ie_11_winphone81","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-ie_6_xp","","INFO","No connection","",""
"clientsimulation-ie_8_win7","","INFO","No connection","",""
"clientsimulation-ie_8_xp","","INFO","No connection","",""
"clientsimulation-java1102","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-java1201","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-java_6u45","","INFO","No connection","",""
"clientsimulation-java_7u25","","INFO","No connection","",""
"clientsimulation-java_8u161","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-openssl_102e","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-openssl_110l","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-openssl_111d","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-opera_66_win10","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-safari_10_osx1012","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-safari_121_ios_122","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-safari_130_osx_10146","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"clientsimulation-safari_9_ios9","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-safari_9_osx1011","","INFO","TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384","",""
"clientsimulation-thunderbird_68_3_1","","INFO","TLSv1.3 TLS_AES_256_GCM_SHA384","",""
"cookie_count","","INFO","0 at '/' (30x detected, better try target URL of 30x)","",""
"fallback_SCSV","","OK","no protocol below TLS 1.2 offered","",""
"heartbleed","","OK","not vulnerable, no heartbeat extension","CVE-2014-0160","CWE-119"
"id","fqdn/ip","port","severity","finding","cve","cwe"
"pre_128cipher","","INFO","No 128 cipher limit bug","",""
"protocol_negotiated","","OK","Default protocol TLS1.3","",""
"secure_client_renego","","OK","not vulnerable","CVE-2011-1473","CWE-310"
"secure_renego","","OK","supported","","CWE-310"
"security_headers","","MEDIUM","--","",""
"service","","INFO","HTTP","",""
"sessionresumption_ID","","INFO","not supported","",""
"sessionresumption_ticket","","INFO","not supported","",""
"ticketbleed","","OK","not vulnerable","CVE-2016-9244","CWE-200"