VYPR

CWE-295

Improper Certificate Validation

BaseDraft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 13 of 36
  • CVE-2025-0309MedAug 14, 2025
    risk 0.39cvss epss 0.00

    An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially…

  • CVE-2025-5279HigMay 27, 2025
    risk 0.39cvss epss 0.00

    When the Amazon Redshift Python Connector is configured with the BrowserAzureOAuth2CredentialsProvider plugin, the driver skips the SSL certificate validation step for the Identity Provider. An insecure connection could allow an actor to intercept the token exchange process and…

  • CVE-2024-21543HigDec 13, 2024
    risk 0.39cvss 7.1epss 0.01

    Versions of the package djoser before 2.3.0 are vulnerable to Authentication Bypass when the authenticate() function fails. This is because the system falls back to querying the database directly, granting access to users with valid credentials, and eventually bypassing custom…

  • CVE-2017-15698MedJan 31, 2018
    risk 0.39cvss 5.9epss 0.04

    When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for…

  • CVE-2017-14582MedSep 30, 2017
    risk 0.39cvss 5.9epss 0.02

    The Zoho Site24x7 Mobile Network Poller application before 1.1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a self-signed certificate.

  • CVE-2015-3420MedSep 19, 2017
    risk 0.39cvss 5.9epss 0.03

    The ssl-proxy-openssl.c function in Dovecot before 2.2.17, when SSLv3 is disabled, allow remote attackers to cause a denial of service (login process crash) via vectors related to handshake failures.

  • CVE-2017-7932MedAug 7, 2017
    risk 0.39cvss 6.0epss 0.00

    An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus,…

  • CVE-2016-2402MedJan 30, 2017
    risk 0.39cvss 5.9epss 0.02

    OkHttp before 2.7.4 and 3.x before 3.1.2 allows man-in-the-middle attackers to bypass certificate pinning by sending a certificate chain with a certificate from a non-pinned trusted CA and the pinned certificate.

  • CVE-2012-2993MedSep 18, 2012
    risk 0.39cvss 5.9epss 0.04

    Microsoft Windows Phone 7 does not verify the domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL server for the (1) POP3, (2) IMAP, or (3) SMTP protocol via an arbitrary valid certificate.

  • CVE-2009-2408MedJul 30, 2009
    risk 0.39cvss 5.9epss 0.06

    Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows…

  • CVE-2008-4989MedNov 13, 2008
    risk 0.39cvss 5.9epss 0.02

    The _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls in GnuTLS before 2.6.1 trusts certificate chains in which the last certificate is an arbitrary trusted, self-signed certificate, which allows man-in-the-middle attackers to insert a spoofed…

  • CVE-2026-40944MedApr 21, 2026
    risk 0.38cvss epss 0.00

    Oxia is a metadata store and coordination system. Prior to 0.16.2, the trustedCertPool() function in the TLS configuration only parses the first PEM block from CA certificate files. When a CA bundle contains multiple certificates (e.g., intermediate + root CA), only the first…

  • CVE-2025-62375MedOct 15, 2025
    risk 0.38cvss epss 0.00

    go-witness and witness are Go modules for generating attestations. In go-witness versions 0.8.6 and earlier and witness versions 0.9.2 and earlier the AWS attestor improperly verifies AWS EC2 instance identity documents. Verification can incorrectly succeed when a signature is…

  • CVE-2025-0254MedMar 20, 2025
    risk 0.38cvss 5.9epss 0.00

    HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially alter communication between two parties.

  • CVE-2025-23091MedFeb 1, 2025
    risk 0.38cvss 5.9epss 0.00

    An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.

  • CVE-2018-11087MedSep 14, 2018
    risk 0.38cvss 5.9epss 0.01

    Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability to intercept traffic would be able to view data in transit.

  • CVE-2018-15898MedSep 11, 2018
    risk 0.38cvss 5.9epss 0.01

    The Subsonic Music Streamer application 4.4 for Android has Improper Certificate Validation of the Subsonic server certificate, which might allow man-in-the-middle attackers to obtain interaction data.

  • CVE-2018-2460MedSep 11, 2018
    risk 0.38cvss 5.9epss 0.01

    SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows attacker to do MITM attack.

  • CVE-2018-1000664MedSep 6, 2018
    risk 0.38cvss 5.9epss 0.01

    daneren2005 DSub for Subsonic (Android client) version 5.4.1 contains a CWE-295: Improper Certificate Validation vulnerability in HTTPS Client that can result in Any non-CA signed server certificate, including self signed and expired, are accepted by the client. This attack…

  • CVE-2017-13105MedAug 15, 2018
    risk 0.38cvss 5.9epss 0.01

    Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication. This opens the application up to a man-in-the-middle attack having all of its encrypted traffic intercepted and read by an attacker.