CWE-593

Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created

VariantDraft

Description

The product modifies the SSL context after connection creation has begun.

If the program modifies the SSL_CTX object after creating SSL objects from it, there is the possibility that older SSL objects created from the original context could all be affected by that change.

Hierarchy (View 1000)

Parents

CWE-1390
CWE-666

Children

none

Related attack patterns (CAPEC)

CAPEC-94

CVEs mapped to this weakness (0)

No CVEs match the current filter.