I scanned a host with Nessus, in order to do a vulnerability Assessment, and one of the findings looked really odd to me.
Nessus rated this finding's risk as Medium. The finding was, that a service uses an SSL certificate which supports the use of Medium strength SSL ciphers with known weaknesses, and hence can impose a threat. Now, let us assume that this SSL certificate is not from a known CA, but came with a security product, for this case we can say Juniper SA (SSL VPN), and is presented on the login page. What are the threats here, are they really possible, do they really justify a Medium risk level, if it only "supports" the use-of, and I use strong SSL ciphers, does that justify a Medium risk (I guess it can't know that), and what does it say about a security vendor that issues a "weak" certificate with a product of his?
I personally have a feeling (just a feeling, no technical knowledge on this sort of possible-attack) that this attack is very difficult to launch and to have success with.
Any thoughts?