VYPR

CWE-295

Improper Certificate Validation

Base · Draft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 2 of 36
  • CVE-2026-45388 · Critical · Jun 15, 2026
    risk 0.59 · CVSS 9.1 · EPSS 0.00

    In OCaml-TLS before 2.1.0, the client implementation does insufficient checks of the certificate provided by the server, which allows impersonation with certificates that are not meant for server authentication (because of KeyUsage and ExtendedKeyUsage).

  • CVE-2025-70043 · Critical · Feb 23, 2026
    risk 0.59 · CVSS 9.1 · EPSS 0.00

    An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options.

  • CVE-2025-7390 · Critical · Aug 21, 2025
    risk 0.59 · CVSS 9.1 · EPSS 0.00

    A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication.

  • CVE-2025-23114 · Critical · Feb 5, 2025
    risk 0.59 · CVSS 9.0 · EPSS 0.01

    A vulnerability in the Veeam Updater component allows Man-in-the-Middle attackers to execute arbitrary code on the affected server. This issue occurs due to a failure to properly validate the TLS certificate.

  • CVE-2026-5787 · High · May 7, 2026
    risk 0.58 · CVSS 8.9 · EPSS 0.01

    An Improper Certificate Validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to impersonate registered Sentry hosts and obtain valid CA-signed client certificates.

  • CVE-2026-4370 · Critical · Apr 1, 2026
    risk 0.58 · CVSS 10.0 · EPSS 0.00

    A vulnerability was identified in Juju from version 3.2.0 until 3.6.19 and from version 4.0 until 4.0.4, where the internal Dqlite database cluster fails to perform proper TLS client and server authentication. Specifically, the Juju controller's database endpoint does not…

  • CVE-2026-30836 · Critical · Mar 19, 2026
    risk 0.58 · CVSS 10.0 · EPSS 0.00

    Step CA is an online certificate authority for secure, automated certificate management for DevOps. Versions 0.30.0-rc6 and below do not safeguard against unauthenticated certificate issuance through the SCEP UpdateReq. This issue has been fixed in version 0.30.0.

  • CVE-2025-68121 · Critical · Feb 5, 2026
    risk 0.58 · CVSS 10.0 · EPSS 0.01

    During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and…

  • CVE-2026-32253 · Critical · May 22, 2026
    risk 0.57 · CVSS 9.8 · EPSS 0.00

    Sunshine is a self-hosted game stream host for Moonlight. In versions prior to 2026.516.143833, the client-certificate authentication can be bypassed because of how OpenSSL verification results are handled. In src/crypto.cpp, the custom verify callback treats…

  • CVE-2026-8992 · High · May 22, 2026
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    An improper certificate validation vulnerability in Ivanti Secure Access Client before 22.8R6 allows a remote unauthenticated attacker to execute arbitrary code.

  • CVE-2024-41724 · High · Mar 10, 2025
    risk 0.57 · CVSS 8.7 · EPSS 0.00

    Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions of Gallagher Command Centre prior to 9.20.1043.

  • CVE-2025-1014 · High · Feb 4, 2025
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability was fixed in Firefox 135, Firefox ESR 128.7, Thunderbird 128.7, and Thunderbird 135.

  • CVE-2022-32509 · High · May 14, 2024
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper with data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.0 and Nuki Bridge v2 before 2.13.2.

  • CVE-2016-1000030 · Critical · Sep 5, 2018
    risk 0.57 · CVSS 9.8 · EPSS 0.02

    Pidgin version <2.11.0 contains a vulnerability in X.509 certificate imports, specifically due to an improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import(), that can result in code execution. This attack appears to be exploitable via custom X.509…

  • CVE-2018-8059 · High · Mar 11, 2018
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.

  • CVE-2017-7429 · High · Mar 2, 2018
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

  • CVE-2015-2320 · Critical · Jan 8, 2018
    risk 0.57 · CVSS 9.8 · EPSS 0.04

    The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.

  • CVE-2017-11364 · High · Aug 2, 2017
    risk 0.57 · CVSS 8.8 · EPSS 0.02

    The CMS installer in Joomla! before 3.7.4 does not verify a user's ownership of a webspace, which allows remote authenticated users to gain control of the target application by leveraging Certificate Transparency logs.

  • CVE-2015-3886 · Critical · Jul 21, 2017
    risk 0.57 · CVSS 9.8 · EPSS 0.02

    libinfinity before 0.6.6-1 does not validate expired SSL certificates, which allows remote attackers to have unspecified impact via unknown vectors.

  • CVE-2017-3218 · High · Jun 21, 2017
    risk 0.57 · CVSS 8.8 · EPSS 0.00

    Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior to version 5.0, Samsung Magician uses HTTP for software updates.