Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-295 (证书验证不恰当) — Vulnerability Class 474

474 vulnerabilities classified as CWE-295 (证书验证不恰当). AI Chinese analysis included.

CWE-295 represents a critical cryptographic weakness where software fails to properly validate digital certificates, undermining the integrity of secure communications. Attackers typically exploit this flaw by performing man-in-the-middle attacks, intercepting traffic between a client and server. By presenting a forged or invalid certificate, adversaries can decrypt sensitive data, inject malicious content, or impersonate legitimate services without detection. This vulnerability is particularly dangerous in applications relying on Transport Layer Security for confidentiality. To prevent such breaches, developers must implement rigorous certificate validation mechanisms, ensuring that the presented certificate is signed by a trusted Certificate Authority and matches the expected hostname. Additionally, enabling Certificate Pinning and strictly rejecting expired or revoked certificates further hardens the application against interception attempts, thereby preserving the authenticity and security of the data exchange.

MITRE CWE Description
The product does not validate, or incorrectly validates, a certificate.
Common Consequences (1)
Integrity, AuthenticationBypass Protection Mechanism, Gain Privileges or Assume Identity
When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The product might connect to a malicious host while believing it is a trusted host, or the product might be deceived into accepting s…
Mitigations (2)
Architecture and Design, ImplementationCertificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.
ImplementationIf certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
Examples (2)
This code checks the certificate of a connected peer.
if ((cert = SSL_get_peer_certificate(ssl)) && host) foo=SSL_get_verify_result(ssl); if ((X509_V_OK==foo) || X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN==foo)) // certificate looks good, host can be trusted
Bad · C
The following OpenSSL code obtains a certificate and verifies it.
cert = SSL_get_peer_certificate(ssl); if (cert && (SSL_get_verify_result(ssl)==X509_V_OK)) { // do secret things }
Bad · C
CVE IDTitleCVSSSeverityPublished
CVE-2025-7095 Comodo Internet Security Premium Update certificate validation — Internet Security Premium 3.7 Low2025-07-06
CVE-2025-34066 AVTECH IP camera, DVR, and NVR Devices Unauthenticated Information Disclosure — IP cameras 7.4AIHighAI2025-07-01
CVE-2025-6032 Podman: podman missing tls verification 8.3 High2025-06-24
CVE-2025-39205 Hitachi MicroSCADA X SYS600 安全漏洞 — MicroSCADA X SYS600 6.5 Medium2025-06-24
CVE-2025-52919 Yealink YMCS RPS 信任管理问题漏洞 — RPS 4.3 Medium2025-06-21
CVE-2025-36041 IBM MQ improper certificate validation — MQ Operator 4.7 Medium2025-06-15
CVE-2025-24471 Fortinet FortiOS 信任管理问题漏洞 — FortiOS 6.0 Medium2025-06-10
CVE-2025-29885 File Station 5 — File Station 5 8.8AIHighAI2025-06-06
CVE-2025-29884 File Station 5 — File Station 5 8.8AIHighAI2025-06-06
CVE-2025-29883 File Station 5 — File Station 5 8.8AIHighAI2025-06-06
CVE-2025-22486 File Station 5 — File Station 5 8.8AIHighAI2025-06-06
CVE-2025-30279 File Station 5 — File Station 5 9.8AICriticalAI2025-06-06
CVE-2025-33031 File Station 5 — File Station 5 9.8AICriticalAI2025-06-06
CVE-2025-5279 Issue with Amazon Redshift Python Connector and the BrowserAzureOAuth2CredentialsProvider plugin — Redshift 7.5AIHighAI2025-05-27
CVE-2024-13956 SSL Verification Bypass — ASPECT-Enterprise 6.7 Medium2025-05-22
CVE-2025-4575 The x509 application adds trusted use instead of rejected use — OpenSSL 7.5AIHighAI2025-05-22
CVE-2024-45641 IBM Security ReaQta improper certificate validation — Security ReaQta EDR 6.5 Medium2025-05-20
CVE-2023-33861 IBM Security ReaQta improper certificate validation — Security ReaQta EDR 6.5 Medium2025-05-20
CVE-2025-3463 ASUS DriverHub 安全漏洞 — DriverHub 10.0AICriticalAI2025-05-09
CVE-2025-20157 Cisco Catalyst vManage Certificate Validation Vulnerability — Cisco Catalyst SD-WAN Manager 5.9 Medium2025-05-07
CVE-2025-46551 JRuby-OpenSSL has hostname verification disabled by default — jruby-openssl 5.9 -2025-05-07
CVE-2024-47619 tranport: TLS host name wildcard matching too lax — syslog-ng 7.5 High2025-05-07
CVE-2025-3218 IBM i improper certificate validation — i 5.4 Medium2025-05-07
CVE-2025-37730 Logstash Improper Certificate Validation in TCP output — Logstash 6.5 Medium2025-05-06
CVE-2025-20670 MediaTek Chipsets 信任管理问题漏洞 — MT2737, MT6813, MT6835, MT6835T, MT6878, MT6878M, MT6879, MT6886, MT6895, MT6895TT, MT6896, MT6897, MT6899, MT6980, MT6980D, MT6983, MT6983T, MT6985, MT6985T, MT6989, MT6989T, MT6990, MT6991, MT8666, MT8667, MT8673, MT8675, MT8676, MT8678, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798 5.7AIMediumAI2025-05-05
CVE-2025-26478 Dell ECS 信任管理问题漏洞 — ECS 3.1 Low2025-04-17
CVE-2024-42193 HCL BigFix Web Reports is susceptible to a Man-In-The-Middle (MITM) attack — HCL BigFix Platform 7.4AIHighAI2025-04-15
CVE-2025-30000 Siemens License Server 信任管理问题漏洞 — Siemens License Server (SLS) 6.7 Medium2025-04-08
CVE-2021-25635 Content Manipulation with Certificate Validation Attack — LibreOffice 7.5 -2025-03-21
CVE-2025-0254 HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. — HCL Digital Experience 5.9 Medium2025-03-20

Vulnerabilities classified as CWE-295 (证书验证不恰当) represent 474 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.