CWE-298
Improper Validation of Certificate Expiration
Description
A certificate expiration is not validated or is incorrectly validated.
CVEs mapped to this weakness (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-61736 | — | Hig | 0.46 | — | 0.00 | | Dec 17, 2025 | Successful exploitation of this vulnerability could result in the product failing to re-establish communication once the certificate expires. |
| CVE-2025-4384 | | Med | 0.39 | — | 0.00 | | May 6, 2025 | The MQTT add-on of PcVue fails to verify that a remote device’s certificate has not already expired or has not yet become valid. This allows malicious devices to present certificates that are not rejected properly. The use of a client certificate reduces the risk for random… |
| CVE-2025-59036 | | Med | 0.29 | 5.5 | 0.00 | | Sep 9, 2025 | Infrahub offers a central hub to manage data, templates, and playbooks. Prior to versions 1.3.9 and 1.4.5, a bug in the authentication logic will cause API tokens that were deleted and/or expired to be considered valid. This means that any API token that is associated with an… |
| CVE-2023-42446 | | | 0.00 | — | 0.00 | | Sep 18, 2023 | Pow is an authentication and user management solution for Phoenix and Plug-based apps. Starting in version 1.0.14 and prior to version 1.0.34, use of `Pow.Store.Backend.MnesiaCache` is susceptible to session hijacking as expired keys are not being invalidated correctly on… |
| CVE-2022-31145 | | | 0.00 | — | 0.01 | | Jul 13, 2022 | FlyteAdmin is the control plane for Flyte responsible for managing entities and administering workflow executions. In versions 1.1.30 and prior, authenticated users using an external identity provider can continue to use Access Tokens and ID Tokens even after they expire. Users… |