
CWE-295 (Improper Certificate Validation) — Vulnerability Class 474

474 vulnerabilities classified as CWE-295 (Improper Certificate Validation). AI Chinese analysis included.

CWE-295 is a critical cryptographic weakness in which software fails to properly validate digital certificates, undermining the integrity of secure communications. Attackers typically exploit the flaw with a man-in-the-middle attack, intercepting traffic between a client and a server: by presenting a forged or invalid certificate, they can decrypt sensitive data, inject malicious content, or impersonate legitimate services without detection. The weakness is particularly dangerous in applications that rely on Transport Layer Security (TLS) for confidentiality. To prevent such breaches, developers must implement rigorous certificate validation, ensuring that the presented certificate chains to a trusted Certificate Authority and matches the expected hostname. Enabling certificate pinning and strictly rejecting expired or revoked certificates further hardens the application against interception, preserving the authenticity and security of the exchanged data.

MITRE CWE Description
The product does not validate, or incorrectly validates, a certificate.
Common Consequences (1)
Scope: Integrity, Authentication. Impact: Bypass Protection Mechanism; Gain Privileges or Assume Identity.
When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The product might connect to a malicious host while believing it is a trusted host, or the product might be deceived into accepting s…
Mitigations (2)
Phase: Architecture and Design, Implementation. Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.
Phase: Implementation. If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
Examples (2)
This code checks the certificate of a connected peer.

    X509 *cert = NULL;
    long foo;
    if ((cert = SSL_get_peer_certificate(ssl)) && host) {
        foo = SSL_get_verify_result(ssl);
        /* Flaw: a self-signed certificate anywhere in the chain is accepted as if it
           verified, and the hostname in 'host' is never compared with the certificate. */
        if ((X509_V_OK == foo) || (X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN == foo)) {
            /* certificate looks good, host can be trusted */
        }
    }

Bad · C
The following OpenSSL code obtains a certificate and verifies it.

    X509 *cert = SSL_get_peer_certificate(ssl);
    /* Flaw: the chain verifies, but the certificate is never checked against the
       expected hostname, so any certificate issued by a trusted CA is accepted. */
    if (cert && (SSL_get_verify_result(ssl) == X509_V_OK)) {
        /* do secret things */
    }

Bad · C
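An added example (not from the CWE page or MITRE) that shows the same two mistakes as the snippets above in Python's standard ssl module, beside the hardened client configuration, with a small audit helper and a strict hostname matcher; the function names are assumptions of this example and no network access is needed.

```python
import ssl


def insecure_client_context() -> ssl.SSLContext:
    """The weak configuration, equivalent to the page's two bad snippets:
    no chain verification and no hostname check, so a forged certificate
    presented by a man-in-the-middle is accepted silently."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """The corrected configuration: system CA store, chain must verify
    (only X509_V_OK passes; a self-signed certificate in the chain fails
    the handshake) and the certificate must match the server_hostname
    given to wrap_socket()."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return CWE-295 findings for a client context; an empty list is OK."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate chain is not verified")
    if not ctx.check_hostname:
        findings.append("peer certificate is not matched against the hostname")
    return findings


def hostname_matches(dns_name: str, hostname: str) -> bool:
    """Strict DNS-ID comparison in the spirit of RFC 6125: case-insensitive,
    and '*' may only replace the whole leftmost label of a name with at
    least three labels, so '*.example.com' matches 'api.example.com' but
    not 'example.com', 'a.b.example.com', and bare '*.com' never matches."""
    pat = dns_name.lower().rstrip(".").split(".")
    host = hostname.lower().rstrip(".").split(".")
    if len(pat) != len(host) or "" in pat or "" in host:
        return False
    if pat[0] == "*":
        return len(pat) >= 3 and pat[1:] == host[1:]
    return "*" not in dns_name and pat == host
```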
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2024-1351 | MongoDB Server may allow successful untrusted connection | MongoDB Server | 8.8 | High | 2024-03-07
CVE-2024-2048 | Vault Cert Auth Method Did Not Correctly Validate Non-CA Certificates | Vault | 8.1 | High | 2024-03-04
CVE-2023-47742 | IBM QRadar Suite information disclosure | QRadar Suite Products | 5.9 | Medium | 2024-03-03
CVE-2024-25141 | Apache Airflow Mongo Provider: Certificate validation isn't respected even if SSL is enabled for apache-airflow-providers-mongo | Apache Airflow Mongo Provider | 7.5 (AI) | High (AI) | 2024-02-20
CVE-2023-49250 | Apache DolphinScheduler: Insecure TLS TrustManager used in HttpUtil | Apache DolphinScheduler | 7.4 (AI) | High (AI) | 2024-02-20
CVE-2023-47537 | Fortinet FortiOS trust management issue vulnerability | FortiOS | 4.4 | Medium | 2024-02-15
CVE-2024-25642 | Improper Certificate Validation in SAP Cloud Connector | SAP Cloud Connector | 7.4 | High | 2024-02-13
CVE-2023-47700 | IBM Storage Virtualize improper certificate validation | Storage Virtualize | 5.9 | Medium | 2024-02-07
CVE-2023-43017 | IBM Security Verify Access man in the middle | Security Verify Access Appliance | 8.2 | High | 2024-02-07
CVE-2023-32330 | IBM Security Verify Access man in the middle | Security Verify Access Appliance | 7.5 | High | 2024-02-07
CVE-2024-1052 | Boundary Vulnerable to Session Hijacking Through TLS Certificate Tampering | Boundary | 8.0 | High | 2024-02-05
CVE-2020-29504 | Dell BSAFE Micro Edition Suite security vulnerability | BSAFE Crypto-C Micro Edition | 7.4 | High | 2024-02-02
CVE-2023-28807 | Bypass of ZIA domain fronting detection module through evasion technique | ZIA | 5.1 | Medium | 2024-01-31
CVE-2023-50356 | Improper Certificate Validation in AREAL Topkapi Vision (Server) | Topkapi Vision (Server) | 6.5 | Medium | 2024-01-31
CVE-2023-6043 | Lenovo Vantage trust management issue vulnerability | Vantage | 7.8 | High | 2024-01-19
CVE-2023-51662 | Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL) | snowflake-connector-net | 6.0 | Medium | 2023-12-22
CVE-2023-5594 | Improper following of a certificate's chain of trust in ESET security products | ESET NOD32 Antivirus | 7.5 | High | 2023-12-21
CVE-2023-1514 | Hitachi Energy RTU500 trust management issue vulnerability | RTU500 Scripting Interface | 7.4 | High | 2023-12-19
CVE-2023-6680 | Improper Certificate Validation in GitLab | GitLab | 7.4 | High | 2023-12-15
CVE-2023-48427 | Siemens SINEC INS trust management issue vulnerability | SINEC INS | 8.1 | High | 2023-12-12
CVE-2023-49247 | Huawei HarmonyOS security vulnerability | HarmonyOS | 7.5 (AI) | High (AI) | 2023-12-06
CVE-2023-43082 | Dell Unity security vulnerability | Unity | 8.6 | High | 2023-11-22
CVE-2023-31421 | Beats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue | Beats | 5.9 | Medium | 2023-10-26
CVE-2022-3761 | OpenVPN Connect trust management issue vulnerability | OpenVPN Connect | 7.4 | - | 2023-10-17
CVE-2022-43892 | IBM Security Verify Privilege information disclosure | Security Verify Privilege | 3.7 | Low | 2023-10-17
CVE-2022-22380 | IBM Security Verify Privilege improper authentication | Security Verify Privilege | 5.0 | Medium | 2023-10-17
CVE-2023-5422 | SSL Certificates are not checked for E-Mail Handling | OTRS | 8.7 | High | 2023-10-16
CVE-2023-45613 | JetBrains Ktor trust management issue vulnerability | Ktor | 6.8 | Medium | 2023-10-09
CVE-2023-2422 | Keycloak: oauth client impersonation | Red Hat Single Sign-On 7 | 5.5 | Medium | 2023-10-04
CVE-2023-4801 | ITM MacOS Agent Improper Certificate Validation | Insider Threat Management | 7.5 | High | 2023-09-13

Vulnerabilities classified as CWE-295 (Improper Certificate Validation) represent 474 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.