CWE-295
Improper Certificate Validation
Description
The product does not validate, or incorrectly validates, a certificate.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-459 · CAPEC-475
CVEs mapped to this weakness (720)
page 10 of 36| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4740 | Hig | 0.46 | 8.2 | 0.00 | Apr 7, 2026 | A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the… | ||
| CVE-2026-1531 | — | Hig | 0.46 | 8.1 | 0.00 | Feb 2, 2026 | A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic… | |
| CVE-2026-1530 | — | Hig | 0.46 | 8.1 | 0.00 | Feb 2, 2026 | A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and… | |
| CVE-2024-45205 | Hig | 0.46 | 7.1 | 0.00 | Dec 4, 2024 | An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. Affected Products: UniFi iOS App… | ||
| CVE-2024-7206 | Hig | 0.46 | — | 0.00 | Oct 8, 2024 | SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware | ||
| CVE-2024-37311 | Hig | 0.46 | 8.2 | 0.00 | Aug 23, 2024 | Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is… | ||
| CVE-2018-6219 | Med | 0.46 | 6.5 | 0.04 | Mar 15, 2018 | An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data. | ||
| CVE-2018-1000096 | — | Hig | 0.46 | 8.1 | 0.01 | Mar 13, 2018 | brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to… | |
| CVE-2015-2318 | Hig | 0.46 | 8.1 | 0.02 | Jan 8, 2018 | The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue. | ||
| CVE-2015-5263 | Hig | 0.46 | 8.1 | 0.01 | Sep 25, 2017 | pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration. | ||
| CVE-2023-32198 | hig | 0.45 | — | 0.00 | Apr 25, 2025 | ### Impact A vulnerability has been identified in Steve where by default it was using an insecure option that did not validate the certificate presented by the remote server while performing a TLS connection. This could allow the execution of a man-in-the-middle (MitM) attack… | ||
| CVE-2024-10039 | hig | 0.45 | — | 0.00 | Nov 25, 2024 | A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the… | ||
| CVE-2026-41119 | Med | 0.44 | 6.8 | 0.00 | May 18, 2026 | Dell Live Optics Windows and Personal Edition collectors contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to loss of confidentiality and integrity. | ||
| CVE-2026-44305 | — | Med | 0.44 | 6.8 | 0.00 | May 12, 2026 | Lemur manages TLS certificate creation. Prior to 1.9.0, when LDAP TLS is enabled (LDAP_USE_TLS = True), Lemur's LDAP authentication module unconditionally disables TLS certificate verification at the global ldap module level. This allows a man-in-the-middle attacker positioned… | |
| CVE-2026-42312 | Med | 0.44 | 6.8 | 0.00 | May 11, 2026 | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates security-sensitive options behind a hand-maintained allowlist… | ||
| CVE-2025-9708 | Med | 0.44 | 6.8 | 0.00 | Sep 16, 2025 | A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate… | ||
| CVE-2024-13956 | Med | 0.44 | 6.7 | 0.00 | May 22, 2025 | SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*. | ||
| CVE-2025-30000 | Med | 0.44 | 6.7 | 0.00 | Apr 8, 2025 | A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges. | ||
| CVE-2018-16261 | Med | 0.44 | 6.8 | 0.00 | Sep 6, 2018 | In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust. | ||
| CVE-2018-3927 | Med | 0.44 | 6.8 | 0.01 | Aug 27, 2018 | An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS… |
- risk 0.46cvss 8.2epss 0.00
A flaw was found in Open Cluster Management (OCM), the technology underlying Red Hat Advanced Cluster Management (ACM). Improper validation of Kubernetes client certificate renewal allows a managed cluster administrator to forge a client certificate that can be approved by the…
- risk 0.46cvss 8.1epss 0.00
A flaw was found in foreman_kubevirt. When configuring the connection to OpenShift, the system disables SSL verification if a Certificate Authority (CA) certificate is not explicitly set. This insecure default allows a remote attacker, capable of intercepting network traffic…
- risk 0.46cvss 8.1epss 0.00
A flaw was found in fog-kubevirt. This vulnerability allows a remote attacker to perform a Man-in-the-Middle (MITM) attack due to disabled certificate validation. This enables the attacker to intercept and potentially alter sensitive communications between Satellite and…
- risk 0.46cvss 7.1epss 0.00
An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point. Affected Products: UniFi iOS App…
- risk 0.46cvss —epss 0.00
SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware
- risk 0.46cvss 8.2epss 0.00
Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is…
- risk 0.46cvss 6.5epss 0.04
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.
- risk 0.46cvss 8.1epss 0.01
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to…
- risk 0.46cvss 8.1epss 0.02
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.
- risk 0.46cvss 8.1epss 0.01
pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when retrieving the server's public key upon registration.
- risk 0.45cvss —epss 0.00
### Impact A vulnerability has been identified in Steve where by default it was using an insecure option that did not validate the certificate presented by the remote server while performing a TLS connection. This could allow the execution of a man-in-the-middle (MitM) attack…
- risk 0.45cvss —epss 0.00
A vulnerability was found in Keycloak. Deployments of Keycloak with a reverse proxy not using pass-through termination of TLS, with mTLS enabled, are affected. This issue may allow an attacker on the local network to authenticate as any user or client that leverages mTLS as the…
- risk 0.44cvss 6.8epss 0.00
Dell Live Optics Windows and Personal Edition collectors contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leading to loss of confidentiality and integrity.
- risk 0.44cvss 6.8epss 0.00
Lemur manages TLS certificate creation. Prior to 1.9.0, when LDAP TLS is enabled (LDAP_USE_TLS = True), Lemur's LDAP authentication module unconditionally disables TLS certificate verification at the global ldap module level. This allows a man-in-the-middle attacker positioned…
- risk 0.44cvss 6.8epss 0.00
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates security-sensitive options behind a hand-maintained allowlist…
- risk 0.44cvss 6.8epss 0.00
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate…
- risk 0.44cvss 6.7epss 0.00
SSL Verification Bypass vulnerabilities exist in ASPECT if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.*; NEXUS Series: through 3.*; MATRIX Series: through 3.*.
- risk 0.44cvss 6.7epss 0.00
A vulnerability has been identified in Siemens License Server (SLS) (All versions < V4.3). The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges.
- risk 0.44cvss 6.8epss 0.00
In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust.
- risk 0.44cvss 6.8epss 0.01
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS…