
CWE-295 (Improper Certificate Validation) — Vulnerability Class, 474 CVEs

474 vulnerabilities classified as CWE-295 (Improper Certificate Validation). AI-generated Chinese analysis included.

CWE-295 represents a critical cryptographic weakness in which software fails to properly validate digital certificates, undermining the integrity of secure communications. Attackers typically exploit it through man-in-the-middle attacks, intercepting traffic between a client and a server: by presenting a forged or otherwise invalid certificate, an adversary can decrypt sensitive data, inject malicious content, or impersonate a legitimate service without detection. The weakness is particularly dangerous in applications that rely on Transport Layer Security (TLS) for confidentiality. To prevent such breaches, developers must implement rigorous certificate validation, ensuring that the presented certificate chains to a trusted Certificate Authority and matches the expected hostname. Enabling certificate pinning and strictly rejecting expired or revoked certificates further hardens the application against interception, preserving the authenticity and security of the data exchange.

MITRE CWE Description
The product does not validate, or incorrectly validates, a certificate.
Common Consequences (1)
Scope: Integrity, Authentication
Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity
When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The product might connect to a malicious host while believing it is a trusted host, or the product might be deceived into accepting s…

Mitigations (2)
Phase: Architecture and Design, Implementation
Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.
Phase: Implementation
If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
Examples (2)
This code checks the certificate of a connected peer.

    if ((cert = SSL_get_peer_certificate(ssl)) && host)
        foo = SSL_get_verify_result(ssl);
    // Flaw: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN is treated like X509_V_OK, so a
    // chain the peer signed for itself passes as if it came from a trusted CA.
    if ((X509_V_OK == foo) || (X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN == foo))
        // certificate looks good, host can be trusted

Bad · C

The following OpenSSL code obtains a certificate and verifies it.

    cert = SSL_get_peer_certificate(ssl);
    // Flaw: the chain is verified, but the certificate's subject / SAN is never
    // compared with the hostname the client intended to reach.
    if (cert && (SSL_get_verify_result(ssl) == X509_V_OK)) {
        // do secret things
    }

Bad · C
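Added example (not MITRE's, OpenSSL's or any listed product's code): the Python-stdlib counterparts of the two flaws above, a weak client context beside a hardened one, plus an explicit hostname matcher so it is clear what "matches the expected hostname" actually has to check. The certificate dicts follow the shape of ssl.SSLSocket.getpeercert(); the sample values and the "at least two labels after the wildcard" rule are this example's own choices.

```python
import ssl


def hostname_matches(cert: dict, hostname: str) -> bool:
    """True if `hostname` is covered by a DNS subjectAltName entry of `cert`.

    `cert` has the shape returned by ssl.SSLSocket.getpeercert(). Only SAN
    dNSName entries count (the CN is ignored, as modern clients do). A wildcard
    is accepted only as the entire leftmost label and covers exactly one label;
    the bare '*.tld' form is rejected (full public-suffix checks are out of scope).
    Comparison is case-insensitive and ignores a trailing dot.
    """
    host = hostname.rstrip(".").lower()
    h_labels = host.split(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue  # 'IP Address' / 'email' entries do not name a host here
        pattern = value.rstrip(".").lower()
        if pattern == host:
            return True
        if pattern.startswith("*.") and "*" not in pattern[2:]:
            # '*.example.com' covers 'api.example.com' but neither 'example.com'
            # nor 'a.b.example.com': exactly one label replaces the '*'.
            if len(h_labels) >= 3 and ".".join(h_labels[1:]) == pattern[2:]:
                return True
    return False


def client_context() -> ssl.SSLContext:
    """Hardened client: chain must verify to a trusted CA AND the SAN must match."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.check_hostname = True             # missing in the second MITRE example
    ctx.verify_mode = ssl.CERT_REQUIRED   # no 'self-signed is fine' exception
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def weak_context() -> ssl.SSLContext:
    """The CWE-295 pattern: any certificate, presented under any name, is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False            # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def context_validates_peer(ctx: ssl.SSLContext) -> bool:
    """Review/test helper: does this client context actually authenticate the server?"""
    return bool(ctx.check_hostname) and ctx.verify_mode == ssl.CERT_REQUIRED
```

A unit test calling context_validates_peer on every SSLContext a code base builds catches the CERT_NONE / check_hostname=False pattern behind many of the CVEs listed below before it ships.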
CVE ID | Title | Product | CVSS | Severity | Published
CVE-2023-41180 | Apache NiFi MiNiFi C++: Incorrect Certificate Validation in InvokeHTTP for MiNiFi C++ | Apache NiFi MiNiFi C++ | 5.9 | - | 2023-09-03
CVE-2023-39441 | Apache Airflow SMTP Provider, Apache Airflow IMAP Provider, Apache Airflow: SMTP/IMAP client components allowed MITM due to missing Certificate Validation | Apache Airflow SMTP Provider | 6.8 | - | 2023-08-23
CVE-2023-1409 | Certificate validation issue in MongoDB Server running on Windows or macOS | MongoDB Server | 5.3 | Medium | 2023-08-23
CVE-2023-38686 | Sydent does not verify email server certificates | sydent | 9.3 | Critical | 2023-08-04
CVE-2023-3615 | Lack of server certificate validation in websockets connection | Mattermost iOS app | 8.1 | High | 2023-07-17
CVE-2023-31190 | Missing TLS (HTTPS) certificate validation during firmware update in DroneScout ds230 Remote ID receiver from BlueMark Innovations | ds230 | 8.1 | High | 2023-07-11
CVE-2023-23546 | Milesight UR32L trust management issue vulnerability | UR32L | 4.2 | Medium | 2023-07-06
CVE-2023-32464 | Dell VxRail trust management issue vulnerability | Dell EMC VxRail Appliance | 2.7 | Low | 2023-06-23
CVE-2023-29175 | Fortinet FortiOS trust management issue vulnerability | FortiOS | 4.4 | Medium | 2023-06-13
CVE-2023-1664 | Red Hat Keycloak trust management issue vulnerability | Keycloak | 8.2 | - | 2023-05-26
CVE-2023-28321 | curl trust management issue vulnerability | https://github.com/curl/curl | 5.3 | - | 2023-05-26
CVE-2023-20881 | Cloud Foundry CAPI trust management issue vulnerability | Cloud Controller API | 7.4 | - | 2023-05-19
CVE-2022-45458 | Acronis Agent and Acronis Cyber Protect trust management issue vulnerability | Acronis Agent | 9.1 | - | 2023-05-18
CVE-2022-45457 | Acronis Agent and Acronis Cyber Protect trust management issue vulnerability | Acronis Agent | 9.1 | - | 2023-05-18
CVE-2023-31151 | Improper Certificate Validation | SEL-3505 | 4.7 | Medium | 2023-05-10
CVE-2022-39161 | IBM WebSphere Application Server information disclosure | WebSphere Application Server | 4.8 | Medium | 2023-05-03
CVE-2023-24461 | BIG-IP Edge Client for Windows and macOS vulnerability | BIG-IP Edge Client | 7.4 | High | 2023-05-03
CVE-2022-48186 | Lenovo Baiying trust management issue vulnerability | Baiying | 6.2 | Medium | 2023-05-01
CVE-2023-22642 | Fortinet FortiManager trust management issue vulnerability | FortiAnalyzer | 6.8 | High | 2023-04-11
CVE-2023-28093 | Pegasystem Synchronization Engine trust management issue vulnerability | RPA: Synchronization Engine | 6.5 | - | 2023-04-10
CVE-2023-29000 | Nextcloud Desktop client does not verify received signed certificate in end-to-end encryption | security-advisories | 5.4 | Medium | 2023-04-04
CVE-2022-27644 | NETGEAR R6700v3 trust management issue vulnerability | R6700v3 | 8.1 | - | 2023-03-29
CVE-2021-21548 | Dell EMC Unisphere for PowerMax trust management issue vulnerability | Unisphere for PowerMax, Dell EMC Unisphere for PowerMax Virtual Appliance, PowerMax OS | 7.4 | High | 2023-03-17
CVE-2022-4895 | Man-in-the-middle attack Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer | Hitachi Infrastructure Analytics Advisor | 8.6 | High | 2023-02-28
CVE-2022-39948 | Fortinet FortiOS trust management issue vulnerability | FortiProxy | 4.4 | Medium | 2023-02-16
CVE-2022-34404 | Dell System Update trust management issue vulnerability | System Update | 6.5 | Medium | 2023-02-10
CVE-2022-3913 | Rapid7 Nexpose Certificate Validation Issue | Nexpose | 5.3 | Medium | 2023-02-01
CVE-2022-45100 | Dell PowerScale OneFS trust management issue vulnerability | PowerScale OneFS | 8.1 | High | 2023-02-01
CVE-2022-32748 | Schneider Electric EcoStruxure Cybersecurity Admin Expert trust management issue vulnerability | EcoStruxure™ Cybersecurity Admin Expert (CAE) | 7.9 | High | 2023-01-30
CVE-2023-0509 | Improper Certificate Validation in pyload/pyload | pyload/pyload | 7.4 | - | 2023-01-26

Vulnerabilities classified as CWE-295 (Improper Certificate Validation) represent 474 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.