VYPR

CWE-295

Improper Certificate Validation

BaseDraft

Description

The product does not validate, or incorrectly validates, a certificate.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-459 · CAPEC-475

CVEs mapped to this weakness (720)

page 9 of 36
  • CVE-2018-0553HigApr 9, 2018
    risk 0.48cvss 7.4epss 0.01

    The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

  • CVE-2017-9758HigNov 10, 2017
    risk 0.48cvss 7.4epss 0.01

    Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible Subversion."

  • CVE-2017-6144HigOct 20, 2017
    risk 0.48cvss 7.4epss 0.01

    In F5 BIG-IP PEM 12.1.0 through 12.1.2 when downloading the Type Allocation Code (TAC) database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these connections. TAC…

  • CVE-2017-10620HigOct 13, 2017
    risk 0.48cvss 7.4epss 0.01

    Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle attacker to inject bogus signatures to cause service disruptions or make the device not detect certain types of…

  • CVE-2015-5639HigOct 10, 2017
    risk 0.48cvss 7.4epss 0.01

    niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.

  • CVE-2015-2988HigOct 10, 2017
    risk 0.48cvss 7.4epss 0.01

    Rakuten card App for iOS 5.2.0 through 5.2.4 does not verify SSL certificates which might allow remote attackers to execute man-in-the-middle attacks.

  • CVE-2017-11506HigAug 9, 2017
    risk 0.48cvss 7.4epss 0.01

    When linking a Nessus scanner or agent to Tenable.io or other manager, Nessus 6.x before 6.11 does not verify the manager's TLS certificate when making the initial outgoing connection. This could allow man-in-the-middle attacks.

  • CVE-2012-5822HigNov 4, 2012
    risk 0.48cvss 7.4epss 0.01

    The contribution feature in Zamboni does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid…

  • CVE-2012-5819HigNov 4, 2012
    risk 0.48cvss 7.4epss 0.01

    FilesAnywhere does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

  • CVE-2012-5817HigNov 4, 2012
    risk 0.48cvss 7.4epss 0.01

    Codehaus XFire 1.2.6 and earlier, as used in the Amazon EC2 API Tools Java library and other products, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…

  • CVE-2026-9758HigJun 10, 2026
    risk 0.47cvss 7.3epss 0.00

    Improper comparison with the certificates trusted list in S2OPC allows an attacker well-formed untrusted certificate to be considered trusted

  • CVE-2026-23776HigApr 17, 2026
    risk 0.47cvss 7.2epss 0.00

    Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation…

  • CVE-2025-8393HigAug 8, 2025
    risk 0.47cvss 7.3epss 0.00

    A TLS vulnerability exists in the phone application used to manage a connected device. The phone application accepts self-signed certificates when establishing TLS communication which may result in man-in-the-middle attacks on untrusted networks. Captured communications may…

  • CVE-2025-6032HigJun 24, 2025
    risk 0.47cvss 8.3epss 0.00

    A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

  • CVE-2024-43107HigMar 10, 2025
    risk 0.47cvss 7.2epss 0.00

    Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events) to be sent to the Plugin. This issue effects Gallagher MIPS Plugin v4.0 prior to v4.0.32, all versions of v3.0 and prior.

  • CVE-2026-42790HigMay 27, 2026
    risk 0.46cvss 8.1epss 0.00

    Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verification. Two flaws combine to allow a subordinate CA whose DNS nameConstraints…

  • CVE-2026-45574HigMay 26, 2026
    risk 0.46cvss 8.1epss 0.00

    epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and intercept all SOAP traffic. This…

  • CVE-2026-44900HigMay 26, 2026
    risk 0.46cvss 8.1epss 0.00

    epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify(). The method performs…

  • CVE-2026-5501HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker…

  • CVE-2026-33810HigApr 8, 2026
    risk 0.46cvss 8.2epss 0.00

    When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in…