CWE-295
Improper Certificate Validation
Description
The product does not validate, or incorrectly validates, a certificate.
Hierarchy (View 1000)
Related attack patterns (CAPEC)
CAPEC-459 · CAPEC-475
CVEs mapped to this weakness (720)
page 8 of 36

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41872 | | High | 0.48 | 7.4 | 0.00 | | May 12, 2026 | "Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering, the communication on push notifications between the affected application and the relevant server. |
| CVE-2026-7821 | | High | 0.48 | 7.4 | 0.01 | | May 7, 2026 | Improper certificate validation in Ivanti EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1 allows a remote unauthenticated attacker to enroll a device belonging to a restricted set of unenrolled devices, leading to information disclosure about EPMM appliance… |
| CVE-2026-35560 | | High | 0.48 | 7.4 | 0.00 | | Apr 3, 2026 | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to… |
| CVE-2025-11043 | | High | 0.48 | 7.4 | 0.00 | | Jan 19, 2026 | An Improper Certificate Validation vulnerability in the OPC-UA client and ANSL over TLS client used in Automation Studio versions before 6.5 could allow an unauthenticated attacker on the network to position themselves to intercept and interfere with data exchanges. |
| CVE-2025-40800 | | High | 0.48 | 7.4 | 0.00 | | Dec 9, 2025 | A vulnerability has been identified in COMOS V10.6 (All versions < V10.6.1), COMOS V10.6 (All versions < V10.6.1), NX V2412 (All versions < V2412.8700), NX V2506 (All versions < V2506.6000), Simcenter 3D (All versions < V2506.6000), Simcenter Femap (All versions < V2506.0002),… |
| CVE-2024-7383 | | High | 0.48 | 7.4 | 0.00 | | Aug 5, 2024 | A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic. |
| CVE-2018-0434 | | High | 0.48 | 7.4 | 0.01 | | Oct 5, 2018 | A vulnerability in the Zero Touch Provisioning feature of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data by using an invalid certificate. The vulnerability is due to insufficient certificate validation by… |
| CVE-2018-0650 | | High | 0.48 | 7.4 | 0.01 | | Sep 7, 2018 | The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
| CVE-2018-1999035 | — | High | 0.48 | 7.4 | 0.01 | | Aug 1, 2018 | A man in the middle vulnerability exists in Jenkins Inedo BuildMaster Plugin 1.3 and earlier in BuildMasterConfiguration.java, BuildMasterConfig.java, BuildMasterApi.java that allows attackers to impersonate any service that Jenkins connects to. |
| CVE-2018-1999034 | — | High | 0.48 | 7.4 | 0.01 | | Aug 1, 2018 | A man in the middle vulnerability exists in Jenkins Inedo ProGet Plugin 0.8 and earlier in ProGetApi.java, ProGetConfig.java, ProGetConfiguration.java that allows attackers to impersonate any service that Jenkins connects to. |
| CVE-2018-8020 | | High | 0.48 | 7.4 | 0.04 | | Jul 31, 2018 | Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users… |
| CVE-2018-8019 | | High | 0.48 | 7.4 | 0.04 | | Jul 31, 2018 | When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked… |
| CVE-2018-0622 | | High | 0.48 | 7.4 | 0.01 | | Jul 26, 2018 | The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
| CVE-2017-14709 | | High | 0.48 | 7.4 | 0.00 | | Jul 12, 2018 | The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a… |
| CVE-2018-12499 | | High | 0.48 | 7.4 | 0.00 | | Jul 2, 2018 | The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was… |
| CVE-2018-1000605 | — | High | 0.48 | 7.4 | 0.01 | | Jun 26, 2018 | A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to. |
| CVE-2018-0611 | | High | 0.48 | 7.4 | 0.01 | | Jun 26, 2018 | The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. |
| CVE-2018-1153 | | High | 0.48 | 7.4 | 0.00 | | Jun 18, 2018 | Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests, which allows a man in the middle to modify or view traffic. |
| CVE-2018-4849 | | High | 0.48 | 7.4 | 0.01 | | May 3, 2018 | A vulnerability has been identified in Siveillance VMS Video for Android (All versions < V12.1a (2018 R1)), Siveillance VMS Video for iOS (All versions < V12.1a (2018 R1)). Improper certificate validation could allow an attacker in a privileged network position to read data from… |
| CVE-2013-7201 | | High | 0.48 | 7.4 | 0.02 | | Apr 27, 2018 | WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. |