Escolar Documentos
Profissional Documentos
Cultura Documentos
For
Contact Us : csd.wapt@nic.in
Application Cyber Security Group
National Informatics Centre 011-2430-5872
# A – Block, 011-2430-5142
CGO Complex, Lodhi Road 011-2430-5934
New Delhi - 110003
Contributions:
Name Role
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |2
Key Findings
1. Security Misconfiguration
2. Server Related Issues
3. Using Known Vulnerable components
4. Default Admin Password
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |3
Security Misconfiguration
Recommendations
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |4
Server Related Issues
1. Upon Scanning, it is observed that the application is vulnerable to various SSL related
Vulnerabilities as shown in the screenshot below:
Recommendations
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |5
Using Known Vulnerable Components
Recommendations
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |6
Default Admin Password
Recommendations
1. Admin page should not accessible to public. Restrict the admin page access only to
admin IPs.
2. Use strong password with alphanumeric characters.
3. Password should contain minimum of 8 characters.
This document is confidential to CSD-NIC. It must not be reproduced or circulated without prior approval from CSD-
NIC.
Page |7