VYPR

CWE-295

Improper Certificate Validation

Abstraction: Base · Status: Draft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 21 of 36
  • CVE-2024-54147 · Med · Dec 9, 2024
    risk 0.37 · cvss 6.8 · epss 0.00

    Altair is a GraphQL client for all platforms. Prior to version 8.0.5, Altair GraphQL Client's desktop app does not validate HTTPS certificates, allowing a man-in-the-middle to intercept all requests. Any Altair users on untrusted networks (e.g. public Wi-Fi, malicious DNS servers)…

  • CVE-2018-8479 · Med · Sep 13, 2018
    risk 0.37 · cvss 5.6 · epss 0.02

    A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.

  • CVE-2024-53846 · Med · Dec 5, 2024
    risk 0.36 · cvss 5.5 · epss 0.00

    OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design principles for Erlang programs. A regression was introduced into the ssl application of OTP starting at OTP-25.3.2.8,…

  • CVE-2018-8356 · Med · Jul 11, 2018
    risk 0.36 · cvss 5.5 · epss 0.01

    A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework…

  • CVE-2018-8119 · Med · May 9, 2018
    risk 0.36 · cvss 5.6 · epss 0.01

    A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.

  • CVE-2017-8445 · Med · Aug 18, 2017
    risk 0.36 · cvss 5.5 · epss 0.00

    An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails the trust manager will be replaced with an instance that trusts all certificates. This could allow any node using any certificate to join a cluster. The…

  • CVE-2016-7171 · Med · Dec 5, 2016
    risk 0.36 · cvss 5.6 · epss 0.01

    NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.

  • CVE-2026-44213 · Med · May 26, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    The OpenTelemetry.Exporter.Instana exports telemetry to an Instana backend. Prior to 1.1.0, the OpenTelemetry.Exporter.Instana NuGet package does not validate that HTTPS/TLS certificates are valid when sending telemetry to a configured Instana back-end when a proxy is configured using…

  • CVE-2026-5263 · Med · Apr 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A compromised or malicious sub-CA could issue leaf certificates with URI SAN entries that violate the nameConstraints of the issuing…

  • CVE-2026-25834 · Med · Apr 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows algorithm downgrade.

  • CVE-2025-20215 · Med · Aug 6, 2025
    risk 0.35 · cvss 5.4 · epss 0.00

    A vulnerability in the meeting-join functionality of Cisco Webex Meetings could have allowed an unauthenticated, network-proximate attacker to complete a meeting-join process in place of an intended targeted user, provided the requisite conditions were satisfied. Cisco has…

  • CVE-2024-9160 · Med · Sep 27, 2024
    risk 0.35 · cvss n/a · epss 0.00

    In versions of the PEADM Forge Module prior to 3.24.0 a security misconfiguration was discovered.

  • CVE-2017-7513 · Med · Aug 22, 2018
    risk 0.35 · cvss 5.4 · epss 0.00

    It was found that Satellite 5 configured with SSL/TLS for the PostgreSQL backend failed to correctly validate X.509 server certificate host name fields. A man-in-the-middle attacker could use this flaw to spoof a PostgreSQL server using a specially crafted X.509 certificate.

  • CVE-2017-2623 · Med · Jul 27, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic…

  • CVE-2017-6143 · Med · Apr 13, 2018
    risk 0.35 · cvss 5.4 · epss 0.00

    X.509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11.5.5.

  • CVE-2017-1000417 · Med · Jan 22, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

  • CVE-2016-5648 · Med · Jun 8, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a man-in-the-middle attack via a crafted SSL certificate.

  • CVE-2017-8301 · Med · Apr 27, 2017
    risk 0.35 · cvss 5.3 · epss 0.01

    LibreSSL 2.5.1 to 2.5.3 lacks TLS certificate verification if SSL_get_verify_result is relied upon for a later check of a verification result, in a use case where a user-provided verification callback returns 1, as demonstrated by acceptance of invalid certificates by nginx.

  • CVE-2015-4000 · Low · May 21, 2015
    risk 0.35 · cvss 3.7 · epss 1.00

    The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by…

  • CVE-2026-39828 · Med · May 22, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with…