
CWE-295 (Improper Certificate Validation) — Vulnerability Class 474

474 vulnerabilities classified as CWE-295 (Improper Certificate Validation). AI Chinese analysis included.

CWE-295 is a cryptographic weakness in which software fails to properly validate digital certificates, undermining the integrity of communications that are supposed to be secure. Attackers typically exploit the flaw with a man-in-the-middle position, intercepting traffic between a client and a server. By presenting a forged or invalid certificate, an adversary can read sensitive data, inject malicious content, or impersonate a legitimate service without the client noticing. The weakness is particularly dangerous in applications that rely on Transport Layer Security (TLS) for confidentiality. To prevent such breaches, developers must implement rigorous certificate validation: the presented certificate must chain to a trusted Certificate Authority and must match the expected hostname. Certificate pinning, where appropriate, and strict rejection of expired or revoked certificates further harden the application against interception, preserving the authenticity and confidentiality of the exchange.

MITRE CWE Description
The product does not validate, or incorrectly validates, a certificate.
Common Consequences (1)
Scope: Integrity, Authentication
Impact: Bypass Protection Mechanism, Gain Privileges or Assume Identity
When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client. The product might connect to a malicious host while believing it is a trusted host, or the product might be deceived into accepting s…
Mitigations (2)
Phase: Architecture and Design, Implementation
Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.
Phase: Implementation
If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
Examples (2)

This code checks the certificate of a connected peer.

    if ((cert = SSL_get_peer_certificate(ssl)) && host)
        foo = SSL_get_verify_result(ssl);
    /* Treating X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN as success means a chain that
       never reaches a trusted CA is accepted, so the trust check is bypassed. */
    if ((X509_V_OK == foo) || (X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN == foo))
        // certificate looks good, host can be trusted

Bad · C

The following OpenSSL code obtains a certificate and verifies it.

    cert = SSL_get_peer_certificate(ssl);
    /* The chain verifies, but nothing compares the certificate's subject or
       subjectAltName to the host the client meant to reach, so any certificate
       issued by a trusted CA for any name is accepted. */
    if (cert && (SSL_get_verify_result(ssl) == X509_V_OK)) {
        // do secret things
    }

Bad · C
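The two OpenSSL snippets above show a chain check that accepts untrusted chains and a chain check with no hostname match. The following is an added example, not taken from the CWE page or from MITRE, written against Python's standard `ssl` module rather than OpenSSL's C API so it runs without extra libraries. It places the weak client configuration (no chain enforcement, no hostname check) beside the hardened one (trusted CA required, hostname matched, strict X.509 checks, TLS 1.2 minimum) and adds a small `audit_context` helper, an assumption of this example, that reports which of those checks a context is missing. The `open_tls_connection` helper is likewise hypothetical and only shows where the intended hostname must be supplied.

```python
from __future__ import annotations

import socket
import ssl

# Added example for CWE-295 (not the page's own code). Shows the weak TLS client
# settings beside the hardened ones and a helper that audits a context.


def insecure_context() -> ssl.SSLContext:
    """Client context that accepts any certificate: the Python analogue of the
    OpenSSL examples that treat an unverified or unmatched certificate as good."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # check_hostname must be cleared first; CERT_NONE is refused while it is set.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(cafile: str | None = None) -> ssl.SSLContext:
    """Client context that requires a chain to a trusted CA, matches the
    certificate against the target hostname and rejects pre-1.2 TLS.
    `cafile` is optional; with None the platform trust store is loaded."""
    # create_default_context sets CERT_REQUIRED and check_hostname=True for
    # SERVER_AUTH and loads the default CA bundle.
    ctx = ssl.create_default_context(purpose=ssl.Purpose.SERVER_AUTH, cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Strict X.509 path checks (rejects malformed or non-conforming certificates).
    ctx.verify_flags |= ssl.VERIFY_X509_STRICT
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list[str]:
    """Return the CWE-295-relevant gaps in a client context; empty means none.
    Hypothetical helper: the findings text is this example's own wording."""
    findings: list[str] = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: chain to a trusted CA is not enforced")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: certificate is not matched to the target host")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows TLS older than 1.2")
    return findings


def is_hardened(ctx: ssl.SSLContext) -> bool:
    """True when the audit reports no gaps."""
    return not audit_context(ctx)


def open_tls_connection(host: str, port: int = 443,
                        ctx: ssl.SSLContext | None = None) -> ssl.SSLSocket:
    """Connect using the hardened context. server_hostname is the name the
    hostname check compares against, so it must be the host you intend."""
    ctx = ctx or hardened_context()
    raw = socket.create_connection((host, port))
    return ctx.wrap_socket(raw, server_hostname=host)


if __name__ == "__main__":
    for name, ctx in (("insecure", insecure_context()), ("hardened", hardened_context())):
        print(name, audit_context(ctx) or "no findings")
```

Running the block prints the audit of both contexts; the insecure one is flagged for the missing chain enforcement and the missing hostname match, the hardened one reports nothing. Passing `server_hostname` is what turns the hostname check on for a given connection, which is the step the second OpenSSL example omits.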
CVE ID | Title | CVSS | Severity | Published
CVE-2024-10445 | Synology DiskStation Manager (DSM) and Synology BeeStation Manager trust management issue vulnerability — DiskStation Manager (DSM) | 4.3 | Medium | 2025-03-19
CVE-2024-10444 | Synology DiskStation Manager trust management issue vulnerability — DiskStation Manager (DSM) | 7.5 | High | 2025-03-19
CVE-2023-48785 | Fortinet FortiNAC-F trust management issue vulnerability — FortiNAC-F | 4.4 | Medium | 2025-03-14
CVE-2024-40590 | Fortinet FortiPortal trust management issue vulnerability — FortiPortal | 4.4 | Medium | 2025-03-14
CVE-2024-41724 | Gallagher Command Centre trust management issue vulnerability — Command Centre Server | 8.7 | High | 2025-03-10
CVE-2024-43107 | Gallagher Milestone Integration Plugin trust management issue vulnerability — Milestone Integration Plugin | 7.2 | High | 2025-03-10
CVE-2024-50394 | Helpdesk — Helpdesk | 7.4 | - | 2025-03-07
CVE-2025-1001 | Medixant RadiAnt DICOM Viewer Improper Certificate Validation — RadiAnt DICOM Viewer | 5.7 | Medium | 2025-02-21
CVE-2024-29171 | Dell BSAFE trust management issue vulnerability — Dell BSAFE SSL-J | 5.9 | Medium | 2025-02-12
CVE-2025-1002 | MicroDicom DICOM Viewer Improper Certificate Validation — DICOM Viewer | 5.7 | Medium | 2025-02-10
CVE-2024-11621 | Devolutions Remote Desktop Manager trust management issue vulnerability — Remote Desktop Manager | 7.4 | - | 2025-02-10
CVE-2025-1193 | Devolutions Remote Desktop Manager trust management issue vulnerability — Remote Desktop Manager | 7.4 | - | 2025-02-10
CVE-2024-47258 | 2N Access Commander security vulnerability — 2N Access Commander | 8.1 | High | 2025-02-06
CVE-2024-23928 | Pioneer DMH-WT7600NEX Telematics Improper Certificate Validation — DMH-WT7600NEX | 6.5 | Medium | 2025-01-31
CVE-2024-23970 | ChargePoint Home Flex Improper Certificate Validation — Home Flex | 6.5 | Medium | 2025-01-30
CVE-2023-38009 | IBM Cognos Analytics Mobile information disclosure — Cognos Analytics Mobile | 4.2 | Medium | 2025-01-26
CVE-2024-52330 | ECOVACS lawnmowers and vacuums do not properly validate TLS certificates — DEEBOT X5 PRO PLUS | 7.4 | High | 2025-01-23
CVE-2024-52329 | ECOVACS HOME mobile app plugins do not properly validate TLS certificates — ECOVACS HOME | 7.4 | High | 2025-01-23
CVE-2024-42186 | HCL BigFix Patch Download Plug-ins are affected by an insecure protocol support — BigFix Patch Management Download Plug-ins | 2.8 | Low | 2025-01-23
CVE-2025-0501 | Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol) — WorkSpaces Client | 7.5 | High | 2025-01-15
CVE-2025-0500 | Issue affecting Amazon WorkSpaces (when running Amazon DCV protocol), Amazon AppStream 2.0, and Amazon DCV clients — WorkSpaces Client | 7.5 | High | 2025-01-15
CVE-2025-20126 | Cisco ThousandEyes Endpoint Agent Certificate Validation Vulnerability — Cisco ThousandEyes Endpoint Agent | 4.8 | Medium | 2025-01-08
CVE-2024-40702 | IBM Cognos Controller improper certificate validation — Controller | 8.2 | High | 2025-01-07
CVE-2024-56521 | TCPDF security vulnerability — tcpdf | 5.3 | - | 2024-12-27
CVE-2024-47119 | IBM Storage Defender - Resiliency Service improper certificate validation — Storage Defender - Resiliency Service | 5.9 | Medium | 2024-12-18
CVE-2024-6001 | Lenovo Display Control Center and Lenovo Accessories and Display Manager security vulnerability — Accessories and Display Manager | 8.1 | High | 2024-12-16
CVE-2024-4762 | Lenovo Display Control Center and Lenovo Accessories and Display Manager security vulnerability — Accessories and Display Manager | 7.8 | High | 2024-12-16
CVE-2024-12174 | Tenable Security Center security vulnerability — Security Center | 2.7 | Low | 2024-12-09
CVE-2024-54147 | Altair GraphQL Client's desktop app does not validate HTTPS certificates — altair | 6.8 | Medium | 2024-12-09
CVE-2024-48865 | QTS, QuTS hero — QTS | 9.8 | - | 2024-12-06

Vulnerabilities classified as CWE-295 (Improper Certificate Validation) number 474 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.