CWE-295
Improper Certificate Validation
Description
The product does not validate, or incorrectly validates, a certificate.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-459 · CAPEC-475
CVEs mapped to this weakness (720)
page 35 of 36

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-1010206 | | | 0.00 | — | 0.01 | | Jul 23, 2019 | OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing. |
| CVE-2019-1010275 | | | 0.00 | — | 0.01 | | Jul 17, 2019 | helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were allowed. The component is: helm (many files updated, see https://github.com/helm/helm/pull/3152/files/… |
| CVE-2019-12855 | — | | 0.00 | — | 0.02 | | Jun 16, 2019 | In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. |
| CVE-2019-3875 | | | 0.00 | — | 0.00 | | Jun 12, 2019 | A vulnerability was found in keycloak before 6.0.2. The X.509 authenticator supports the verification of client certificates through the CRL, where the CRL list can be obtained from the URL provided in the certificate itself (CDP) or through the separately configured path. The… |
| CVE-2019-10334 | | | 0.00 | — | 0.01 | | Jun 11, 2019 | Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when MultipartUtility.java is used to upload files. |
| CVE-2019-12496 | — | | 0.00 | — | 0.01 | | May 31, 2019 | An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. |
| CVE-2019-10317 | | | 0.00 | — | 0.01 | | Apr 30, 2019 | Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM. |
| CVE-2019-10314 | | | 0.00 | — | 0.01 | | Apr 30, 2019 | Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM. |
| CVE-2019-0223 | | | 0.00 | — | 0.06 | | Apr 23, 2019 | While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with… |
| CVE-2019-11324 | | | 0.00 | — | 0.03 | | Apr 18, 2019 | The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This… |
| CVE-2019-5729 | | | 0.00 | — | 0.01 | | Mar 19, 2019 | Splunk-SDK-Python before 1.6.6 does not properly verify untrusted TLS server certificates, which could result in man-in-the-middle attacks. |
| CVE-2018-6517 | | | 0.00 | — | 0.01 | | Mar 17, 2019 | Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride. |
| CVE-2019-1003009 | | | 0.00 | — | 0.01 | | Feb 6, 2019 | An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java,… |
| CVE-2018-20245 | | | 0.00 | — | 0.01 | | Jan 23, 2019 | The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking. |
| CVE-2018-1320 | — | | 0.00 | — | 0.08 | | Jan 7, 2019 | Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production… |
| CVE-2018-17187 | | | 0.00 | — | 0.03 | | Nov 13, 2018 | The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer… |
| CVE-2017-7562 | — | Med | 0.00 | 6.5 | 0.03 | | Jul 26, 2018 | An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and… |
| CVE-2018-10406 | — | High | 0.00 | 7.8 | 0.01 | | Jun 13, 2018 | An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but… |
| CVE-2018-8970 | | High | 0.00 | 7.4 | 0.01 | | Mar 24, 2018 | The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to… |
| CVE-2015-1796 | | | 0.00 | — | 0.01 | | Jul 8, 2015 | The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued… |