CWE-295
Improper Certificate Validation
Description
The product does not validate, or incorrectly validates, a certificate.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-459 · CAPEC-475
CVEs mapped to this weakness (720)
page 31 of 36

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-29222 | — | — | 0.00 | — | 0.01 | — | May 21, 2022 | Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't possess the private key for and Pion DTLS wouldn't reject it. This issue affects users that are using Client certificates only.… |
| CVE-2022-24901 | — | — | 0.00 | — | 0.01 | — | May 4, 2022 | Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks… |
| CVE-2022-1343 | — | — | 0.00 | — | 0.01 | — | May 3, 2022 | The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a successful verification) even in the case where the response signing certificate… |
| CVE-2022-28142 | — | — | 0.00 | — | 0.01 | — | Mar 29, 2022 | Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues. |
| CVE-2022-0759 | — | — | 0.00 | — | 0.01 | — | Mar 25, 2022 | A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate… |
| CVE-2022-27820 | — | — | 0.00 | — | 0.01 | — | Mar 24, 2022 | OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server. |
| CVE-2022-23649 | — | — | 0.00 | — | 0.00 | — | Feb 18, 2022 | Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker… |
| CVE-2022-23632 | — | — | 0.00 | — | 0.02 | — | Feb 17, 2022 | Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configuration choice can be different than the… |
| CVE-2022-22885 | — | — | 0.00 | — | 0.01 | — | Feb 16, 2022 | Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation. |
| CVE-2022-24968 | — | — | 0.00 | — | 0.01 | — | Feb 11, 2022 | In Mellium mellium.im/xmpp through 0.21.0, an attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because the wrong host name is selected during… |
| CVE-2021-44549 | — | — | 0.00 | — | 0.02 | — | Dec 14, 2021 | Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility… |
| CVE-2021-40831 | — | — | 0.00 | — | 0.01 | — | Nov 22, 2021 | The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on macOS systems. Additionally, SNI validation is also not enabled when the CA has been "overridden". TLS handshakes will… |
| CVE-2021-40830 | — | — | 0.00 | — | 0.00 | — | Nov 22, 2021 | The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a user supplied Certificate Authority (CA) to the root CAs instead of overriding it on Unix systems. TLS handshakes will thus succeed if the peer can be verified either from the user-supplied CA or the… |
| CVE-2021-40829 | — | — | 0.00 | — | 0.00 | — | Nov 22, 2021 | Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.4.2), Python (versions prior to 1.6.1), C++ (versions prior to 1.12.7) and Node.js (versions prior to 1.5.3) did not verify server certificate hostname during TLS handshake when overriding… |
| CVE-2021-40828 | — | — | 0.00 | — | 0.00 | — | Nov 22, 2021 | Connections initialized by the AWS IoT Device SDK v2 for Java (versions prior to 1.3.3), Python (versions prior to 1.5.18), C++ (versions prior to 1.12.7) and Node.js (versions prior to 1.5.1) did not verify server certificate hostname during TLS handshake when overriding… |
| CVE-2021-3761 | — | — | 0.00 | — | 0.01 | — | Sep 9, 2021 | Any CA issuer in the RPKI can trick OctoRPKI prior to 1.3.0 into emitting an invalid VRP "MaxLength" value, causing RTR sessions to terminate. An attacker can use this to disable RPKI Origin Validation in a victim network (for example AS 13335 - Cloudflare) prior to launching a… |
| CVE-2021-37218 | — | — | 0.00 | — | 0.01 | — | Sep 7, 2021 | HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4. |
| CVE-2021-37219 | — | — | 0.00 | — | 0.01 | — | Sep 7, 2021 | HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2. |
| CVE-2021-32574 | — | — | 0.00 | — | 0.01 | — | Jul 17, 2021 | HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1. |
| CVE-2021-29504 | — | — | 0.00 | — | 0.01 | — | Jun 7, 2021 | WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate verification on WP-CLI side, gaining… |
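Several entries in the list above are the same mistake in different code bases: a chain check with no hostname check (CVE-2021-40828, CVE-2021-40829, CVE-2021-32574), a caller-supplied CA appended to the existing roots instead of replacing them (CVE-2021-40830, CVE-2021-40831), and a client that simply accepts any certificate (CVE-2022-28142, CVE-2022-22885, CVE-2022-0759). The Go program below is an added example written for this page, not code from any of the listed projects. It builds a throwaway PKI in memory (the CA names and the hostnames api.example.test and attacker.example.test are made up for the example) and uses crypto/x509 to show which certificates each style of check accepts.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// template returns a minimal certificate template; a non-CA template gets its
// name as a DNS SAN, which is what hostname verification actually checks.
func template(serial int64, name string, isCA bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	if isCA {
		t.KeyUsage, t.ExtKeyUsage = x509.KeyUsageCertSign, nil
	} else {
		t.DNSNames = []string{name}
	}
	return t
}

// mustIssue generates a P-256 key and signs tmpl with parentKey; with
// parent == nil the certificate is self-signed, i.e. a root CA.
func mustIssue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	signer := parentKey
	if parent == nil {
		parent, signer = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// Scenario is the constructed test PKI: the CA the client means to trust, a CA
// it never agreed to trust, and three server certificates.
type Scenario struct {
	TrustedCA, RogueCA                 *x509.Certificate
	GoodLeaf, WrongHostLeaf, RogueLeaf *x509.Certificate
}

func Build() *Scenario {
	trusted, trustedKey := mustIssue(template(1, "Example Internal CA", true), nil, nil)
	rogue, rogueKey := mustIssue(template(2, "Rogue CA", true), nil, nil)
	good, _ := mustIssue(template(3, "api.example.test", false), trusted, trustedKey)
	wrongHost, _ := mustIssue(template(4, "attacker.example.test", false), trusted, trustedKey) // right CA, wrong name
	rogueLeaf, _ := mustIssue(template(5, "api.example.test", false), rogue, rogueKey)         // right name, wrong CA
	return &Scenario{trusted, rogue, good, wrongHost, rogueLeaf}
}

func pool(cas ...*x509.Certificate) *x509.CertPool {
	p := x509.NewCertPool()
	for _, c := range cas {
		p.AddCert(c)
	}
	return p
}

// VerifyStrict is the correct check: chain to the one configured root AND the
// expected hostname must appear in the certificate's SANs.
func VerifyStrict(leaf, root *x509.Certificate, host string) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool(root), DNSName: host})
	return err
}

// VerifyNoHostname is the CVE-2021-40828/40829 and CVE-2021-32574 pattern:
// DNSName is left empty, so any certificate from the same CA is accepted.
func VerifyNoHostname(leaf, root *x509.Certificate) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool(root)})
	return err
}

// VerifyMergedRoots is the CVE-2021-40830/40831 pattern: the private CA was
// meant to replace the trust store but was added to it, so either CA vouches.
func VerifyMergedRoots(leaf *x509.Certificate, host string, roots ...*x509.Certificate) error {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: pool(roots...), DNSName: host})
	return err
}

func main() {
	s := Build()
	fmt.Println("strict, good leaf:        ", VerifyStrict(s.GoodLeaf, s.TrustedCA, "api.example.test"))
	fmt.Println("strict, wrong host:       ", VerifyStrict(s.WrongHostLeaf, s.TrustedCA, "api.example.test"))
	fmt.Println("strict, rogue CA:         ", VerifyStrict(s.RogueLeaf, s.TrustedCA, "api.example.test"))
	fmt.Println("no hostname, wrong host:  ", VerifyNoHostname(s.WrongHostLeaf, s.TrustedCA))
	fmt.Println("merged roots, rogue CA:   ", VerifyMergedRoots(s.RogueLeaf, "api.example.test", s.TrustedCA, s.RogueCA))
}
```

Only the strict check rejects both bad certificates; the other two return nil for a certificate an attacker could plausibly hold. With crypto/tls the equivalent correct configuration is a tls.Config whose RootCAs holds only the intended CA and whose ServerName is the expected host, with InsecureSkipVerify left at its false default; appending a private CA to the result of x509.SystemCertPool() reproduces the merged-roots failure.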