Redmine Security Scanner by Planio


Enter your Redmine address to find out:

Redmine Security Scanner tries to determine the version of your Redmine installation and it will list all known security vulnerabilities for that version. In addition, it will check your server configuration and make sure everything is set up securely.

Based on the results of these checks, Redmine Security Scanner will assign one of the following grades:

Redmine Security Scanner is a free community service provided by the Redmine professionals at Planio. You are only allowed to use this service to scan your own Redmine installation.

All checks are performed using black box testing, that means Redmine Security Scanner will only collect information about your Redmine server that is publicly accessible. It will not attempt to login or access any privileged information.

If your Redmine code has been modified or deviates from the standard releases available on the Redmine website, Redmine Security Scanner may occasionally detect a wrong version or display vulnerabilities which are not present or exploitable on your Redmine server. It might also claim that your Redmine server isn't vulnerable to any known vulnerabilities when it actually is. In some cases, Redmine Security Scanner will not be able to detect a Redmine version with 100% certainty. A version range and the associated vulnerabilities will be shown in this case.

Redmine Security Scanner was built and tested with meticulous care and to the best of our knowledge, but Planio GmbH does not give any guarantees as to the correctness of the information displayed. Planio GmbH cannot be held liable for the correctness of the results of Redmine Security Scanner. The security of your Redmine server is your own responsibility. We also provide professional Redmine hosting should you wish to focus on your core business instead of your Redmine server.

If you believe that Redmine Security Scanner shows wrong results for your server, please get in touch and we will be happy to see if we can improve it.