When using a vulnerability scanner against SCSP, the scanner reports a vulnerability of the certificate which is used by SCSP due to the MD5 signature algorithm.
In previous versions, the certificate was signed with the MD5 hash algorithm, in which the digital signature strength was 16 Bytes. The MD5 hash algorithm has a vulnerability that it can be cracked through parallel computing.
Symantec is aware of the vulnerability and has replaced MD5 to SHA1 as the hash algorithm to sign the signature in the version 5.2.7 or later.
To avoid the vulnerability, upgrade to the latest version.
This is machine translated content
Login to Subscribe
Please login to set up your subscription.
Didn't find the article you were looking for? Try these resources.