CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 11 of 25
- CVE-2021-27189MEDIUMCVSS 5.9EG 5.92021-02-23
The CIRA Canadian Shield app before 4.0.13 for iOS lacks SSL Certificate Validation.
- CVE-2021-27257MEDIUMCVSS 6.5EG 6.52021-03-05
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. …
- CVE-2021-27400HIGHCVSS 7.5EG 7.52021-04-22
HashiCorp Vault and Vault Enterprise Cassandra integrations (storage backend and database secrets engine plugin) did not validate TLS certificates when connecting to Cassandra clusters. Fixed in 1.6.4 and 1.7.1
- CVE-2021-27768MEDIUMCVSS 6.3EG 5.92022-05-12
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. In this specific scenario, the application's network traffic was int…
- CVE-2021-27899HIGHCVSS 7.4EG 7.42021-04-06
The Proofpoint Insider Threat Management Agents (formerly ObserveIT Agent) for MacOS and Linux perform improper validation of the ITM Server's certificate, which enables a remote attacker to intercept and alter these communications using a…
- CVE-2021-28363MEDIUMCVSS 6.5EG 6.52021-03-15
The urllib3 library 1.26.x before 1.26.4 for Python omits SSL certificate validation in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy (if an SSLContext isn't given via proxy_config) doesn't verify t…
- CVE-2021-29495MEDIUMCVSS 5.9EG 5.92021-05-07
Nim is a statically typed compiled systems programming language. In Nim standard library before 1.4.2, httpClient SSL/TLS certificate verification was disabled by default. Users can upgrade to version 1.4.2 to receive a patch or, as a work…
- CVE-2021-29504CRITICALCVSS 9.1EG 9.12021-06-07
WP-CLI is the command-line interface for WordPress. An improper error handling in HTTPS requests management in WP-CLI version 0.12.0 and later allows remote attackers able to intercept the communication to remotely disable the certificate …
- CVE-2021-29653HIGHCVSS 7.5EG 7.52021-04-22
HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1.
- CVE-2021-29656CRITICALCVSS 9.8EG 9.82022-02-18
Pexip Infinity Connect before 1.8.0 mishandles TLS certificate validation. The allow list is not properly checked.
- CVE-2021-29726MEDIUMCVSS 5.3EG 5.32022-05-17
IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication Server 6.0.3 does not properly ensure that a certificate is actually associated with the host due to improper validation of certificates. IBM X-Force ID: 201104.
- CVE-2021-29737HIGHCVSS 7.5EG 7.52021-11-02
IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301.
- CVE-2021-29755HIGHCVSS 7.5EG 7.52022-07-20
IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015.
- CVE-2021-31399MEDIUMCVSS 4.6EG 5.92021-08-13
On 2N Access Unit 2.0 2.31.0.40.5 devices, an attacker can pose as the web relay for a man-in-the-middle attack.
- CVE-2021-31597CRITICALCVSS 9.4EG 9.42021-04-23
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of N…
- CVE-2021-3162HIGHCVSS 7.8EG 7.82021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
- CVE-2021-31747MEDIUMCVSS 4.8EG 4.82021-12-10
Missing SSL Certificate Validation issue exists in Pluck 4.7.15 in update_applet.php, which could lead to man-in-the-middle attacks.
- CVE-2021-31892HIGHCVSS 7.4EG 7.42021-07-13
A vulnerability has been identified in SINUMERIK Analyse MyCondition (All versions), SINUMERIK Analyze MyPerformance (All versions), SINUMERIK Analyze MyPerformance /OEE-Monitor (All versions), SINUMERIK Analyze MyPerformance /OEE-Tuning (…
- CVE-2021-32069MEDIUMCVSS 4.8EG 4.82021-08-13
The AWV component of Mitel MiCollab before 9.3 could allow an attacker to perform a Man-In-the-Middle attack due to improper TLS negotiation. A successful exploit could allow an attacker to view and modify data.
- CVE-2021-32574HIGHCVSS 7.5EG 7.52021-07-17
HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
- CVE-2021-32581HIGHCVSS 8.1EG 8.12021-08-05
Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.
- CVE-2021-32727MEDIUMCVSS 5.7EG 5.72021-07-12
Nextcloud Android Client is the Android client for Nextcloud. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.16.1, the Nextcloud Android client skip…
- CVE-2021-32728MEDIUMCVSS 6.5EG 6.52021-08-18
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.…
- CVE-2021-32755MEDIUMCVSS 5.4EG 5.42021-07-13
Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a new web socket implementation was intr…
- CVE-2021-3285MEDIUMCVSS 5.3EG 5.32021-01-26
jxbrowser in TI Code Composer Studio IDE 8.x through 10.x before 10.1.1 does not verify X.509 certificates for HTTPS.
- CVE-2021-32919HIGHCVSS 7.5EG 7.52021-05-13
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certi…
- CVE-2021-3309HIGHCVSS 8.1EG 8.12021-01-26
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,
- CVE-2021-3336HIGHCVSS 8.1EG 8.12021-01-29
DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The client side is affected…
- CVE-2021-33695CRITICALCVSS 9.1EG 9.12021-09-15
Potentially, SAP Cloud Connector, version - 2.0 communication with the backend is accepted without sufficient validation of the certificate.
- CVE-2021-33907CRITICALCVSS 9.8EG 9.82021-09-27
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an el…
- CVE-2021-3406CRITICALCVSS 9.8EG 9.82021-02-25
A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.
- CVE-2021-3450HIGHCVSS 7.4EG 7.42021-03-25
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have …
- CVE-2021-34558MEDIUMCVSS 6.5EG 6.52021-07-15
The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type when doing a RSA based key exchange, allowing a malicious TLS server to cause a TLS client t…
- CVE-2021-34599HIGHCVSS 7.4EG 7.42021-12-01
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and tr…
- CVE-2021-3460HIGHCVSS 8.1EG 8.12021-04-13
The Motorola MH702x devices, prior to version 2.0.0.301, do not properly verify the server certificate during communication with the support server which could lead to the communication channel being accessible by an attacker.
- CVE-2021-35193HIGHCVSS 7.5EG 7.52021-07-30
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database cre…
- CVE-2021-3547HIGHCVSS 7.4EG 7.42021-07-12
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client c…
- CVE-2021-35497HIGHCVSS 7.5EG 7.52021-10-05
The FTL Server (tibftlserver) and Docker images containing tibftlserver components of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, TIBCO ActiveSpaces - Enterprise Edition, TIBCO FTL …
- CVE-2021-3618HIGHCVSS 7.4EG 7.42022-03-23
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to vi…
- CVE-2021-3636MEDIUMCVSS 4.6EG 4.62021-07-30
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely conne…
- CVE-2021-36371LOWCVSS 3.7EG 3.72021-07-09
Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configur…
- CVE-2021-36377HIGHCVSS 7.5EG 7.52021-07-12
Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname check during TLS certificate validation.
- CVE-2021-36382LOWCVSS 2.6EG 3.72021-07-12
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
- CVE-2021-36756MEDIUMCVSS 6.5EG 6.52021-10-27
CFEngine Enterprise 3.15.0 through 3.15.4 has Missing SSL Certificate Validation.
- CVE-2021-3698HIGHCVSS 7.5EG 7.52022-03-10
A flaw was found in Cockpit in versions prior to 260 in the way it handles the certificate verification performed by the System Security Services Daemon (SSSD). This flaw allows client certificates to authenticate successfully, regardless …
- CVE-2021-37218HIGHCVSS 8.8EG 8.82021-09-07
HashiCorp Nomad and Nomad Enterprise Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.0.10 and 1.1.4.
- CVE-2021-37219HIGHCVSS 8.8EG 8.82021-09-07
HashiCorp Consul and Consul Enterprise 1.10.1 Raft RPC layer allows non-server agents with a valid certificate signed by the same CA to access server-only functionality, enabling privilege escalation. Fixed in 1.8.15, 1.9.9 and 1.10.2.
- CVE-2021-37698HIGHCVSS 7.5EG 7.52021-08-19
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions 2.5.0 through 2.13.0, ElasticsearchWriter, GelfWriter, InfluxdbWriter an…
- CVE-2021-3798MEDIUMCVSS 5.5EG 5.52022-08-23
A flaw was found in openCryptoki. The openCryptoki Soft token does not check if an EC key is valid when an EC key is created via C_CreateObject, nor when C_DeriveKey is used with ECDH public data. This may allow a malicious user to extract…
- CVE-2021-38864HIGHCVSS 7.5EG 7.52021-09-23
IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain sensitive information due to improper certificate validation. IBM X-Force ID: 208155.
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →