CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 13 of 25
- CVE-2022-22156MEDIUMCVSS 6.5EG 6.52022-01-19
An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may comprom…
- CVE-2022-22305MEDIUMCVSS 5.4EG 5.42023-09-01
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network …
- CVE-2022-22306MEDIUMCVSS 5.4EG 5.32022-05-24
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.0.0 through 6.0.14, 6.2.0 through 6.2.10, 6.4.0 through 6.4.8, 7.0.0 may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication b…
- CVE-2022-22380MEDIUMCVSS 5.0EG 5.02023-10-17
IBM Security Verify Privilege On-Premises 11.5 could allow an attacker to spoof a trusted entity due to improperly validating certificates. IBM X-Force ID: 221957.
- CVE-2022-22549HIGHCVSS 7.5EG 8.12022-04-12
Dell PowerScale OneFS, 8.2.x-9.3.x, contains a Improper Certificate Validation. A unauthenticated remote attacker could potentially exploit this vulnerability, leading to a man-in-the-middle capture of administrative credentials.
- CVE-2022-22747MEDIUMCVSS 6.5EG 6.52022-12-22
After accepting an untrusted certificate, handling an empty pkcs7 sequence as part of the certificate data could have lead to a crash. This crash is believed to be unexploitable. This vulnerability affects Firefox ESR < 91.5, Firefox < 96,…
- CVE-2022-22787MEDIUMCVSS 5.9EG 7.52022-05-18
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an un…
- CVE-2022-22885CRITICALCVSS 9.8EG 9.82022-02-16
Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL certificate validation.
- CVE-2022-22946MEDIUMCVSS 5.5EG 5.52022-03-04
In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect…
- CVE-2022-23632HIGHCVSS 7.4EG 7.42022-02-17
Traefik is an HTTP reverse proxy and load balancer. Prior to version 2.6.1, Traefik skips the router transport layer security (TLS) configuration when the host header is a fully qualified domain name (FQDN). For a request, the TLS configur…
- CVE-2022-23649LOWCVSS 3.3EG 3.32022-02-18
Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if…
- CVE-2022-24319MEDIUMCVSS 5.9EG 5.92022-02-09
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA web server are intercepted. Affected Product: ClearSCADA (All Versions), EcoStr…
- CVE-2022-24320MEDIUMCVSS 5.9EG 5.92022-02-09
A CWE-295: Improper Certificate Validation vulnerability exists that could allow a Man-in-theMiddle attack when communications between the client and Geo SCADA database server are intercepted. Affected Product: ClearSCADA (All Versions), E…
- CVE-2022-24901HIGHCVSS 7.5EG 7.52022-05-04
Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL …
- CVE-2022-24968MEDIUMCVSS 5.9EG 5.92022-02-11
In Mellium mellium.im/xmpp through 0.21.0, an attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs becaus…
- CVE-2022-25243MEDIUMCVSS 6.5EG 6.52022-03-10
"Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if the PKI role policy attribute allow_s…
- CVE-2022-25638MEDIUMCVSS 6.5EG 6.52022-02-24
In wolfSSL before 5.2.0, certificate validation may be bypassed during attempted authentication by a TLS 1.3 client to a TLS 1.3 server. This occurs when the sig_algo field differs between the certificate_verify message and the certificate…
- CVE-2022-25640HIGHCVSS 7.5EG 7.52022-02-24
In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a requirement for mutual authentication. A client can simply omit the certificate_verify message from the handshake, and never present a certificate.
- CVE-2022-26305HIGHCVSS 7.5EG 9.82022-07-25
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a truste…
- CVE-2022-26491MEDIUMCVSS 5.9EG 5.92022-06-02
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instea…
- CVE-2022-26493CRITICALCVSS 9.8EG 8.82022-06-03
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to a HTTP-request intercepting method is able to bypass authentication…
- CVE-2022-26766MEDIUMCVSS 5.5EG 5.52022-05-26
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be a…
- CVE-2022-26923HIGHCVSS 8.8EG 9.0⚠ KEV2022-05-10
Active Directory Domain Services Elevation of Privilege Vulnerability
- CVE-2022-27536HIGHCVSS 7.5EG 7.52022-04-20
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
- CVE-2022-27644HIGHCVSS 8.8EG 8.82023-03-29
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability…
- CVE-2022-27782HIGHCVSS 7.5EG 7.52022-06-02
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if …
- CVE-2022-27820MEDIUMCVSS 4.0EG 4.02022-03-24
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server.
- CVE-2022-27890MEDIUMCVSS 6.3EG 7.42023-02-16
It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misuse of the javax.net.ssl.SSLSocketFactory API. A malicious attacker in a privileged network position could abuse this to perform a man-in-th…
- CVE-2022-28142HIGHCVSS 7.5EG 7.52022-03-29
Jenkins Proxmox Plugin 0.6.0 and earlier disables SSL/TLS certificate validation globally for the Jenkins controller JVM when configured to ignore SSL/TLS issues.
- CVE-2022-28352MEDIUMCVSS 4.3EG 4.82022-04-02
WeeChat (aka Wee Enhanced Environment for Chat) 3.2 to 3.4 before 3.4.1 does not properly verify the TLS certificate of the server, after certain GnuTLS options are changed, which allows man-in-the-middle attackers to spoof a TLS chat serv…
- CVE-2022-29082LOWCVSS 3.7EG 4.62022-05-26
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnera…
- CVE-2022-29222MEDIUMCVSS 5.9EG 5.92022-05-21
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.5, a DTLS Client could provide a Certificate that it doesn't posses the private key for and Pion DTLS wouldn't reject it. This issue affects users …
- CVE-2022-29482LOWCVSS 3.7EG 3.72022-06-14
'Mobaoku-Auction&Flea Market' App for iOS versions prior to 5.5.16 improperly verifies server certificates, which may allow an attacker to eavesdrop on an encrypted communication via a man-in-the-middle attack.
- CVE-2022-29908HIGHCVSS 7.8EG 7.82022-09-19
The folioupdate service in Fabasoft Cloud Enterprise Client 22.4.0043 allows Local Privilege Escalation.
- CVE-2022-2996HIGHCVSS 7.4EG 7.42022-09-01
A flaw was found in the python-scciclient when making an HTTPS connection to a server where the server's certificate would not be verified. This issue opens up the connection to possible Man-in-the-middle (MITM) attacks.
- CVE-2022-31083HIGHCVSS 8.6EG 8.62022-06-17
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 4.10.11 and 5.2.2, the certificate in the Parse Server Apple Game Center auth adapter not validated. As a result, aut…
- CVE-2022-31105HIGHCVSS 8.3EG 8.32022-07-12
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust …
- CVE-2022-31183CRITICALCVSS 9.1EG 9.12022-08-01
fs2 is a compositional, streaming I/O library for Scala. When establishing a server-mode `TLSSocket` using `fs2-io` on Node.js, the parameter `requestCert = true` is ignored, peer certificate verification is skipped, and the connection pro…
- CVE-2022-31733CRITICALCVSS 9.1EG 9.12023-02-03
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, apps are accessible via another port on diego cells, allowing application ingress without a client certificate. If mTLS route integ…
- CVE-2022-32151HIGHCVSS 7.4EG 9.12022-06-15
The httplib and urllib Python libraries that Splunk shipped with Splunk Enterprise did not validate certificates using the certificate authority (CA) certificate stores by default in Splunk Enterprise versions before 9.0 and Splunk Cloud P…
- CVE-2022-32152HIGHCVSS 8.1EG 7.22022-06-15
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configu…
- CVE-2022-32153HIGHCVSS 8.1EG 8.12022-06-15
Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by default. Splunk peer communications configu…
- CVE-2022-32156HIGHCVSS 8.1EG 9.82022-06-15
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, se…
- CVE-2022-32210MEDIUMCVSS 6.5EG 6.52022-07-14
`Undici.ProxyAgent` never verifies the remote server's certificate, and always exposes all request & response data to the proxy. This unexpectedly means that proxies can MitM all HTTPS traffic, and if the proxy's URL is HTTP then it also m…
- CVE-2022-32509HIGHCVSS 8.8EG 8.82024-05-14
An issue was discovered on certain Nuki Home Solutions devices. Lack of certificate validation on HTTP communications allows attackers to intercept and tamper data. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Bridge v1 before 1.22.…
- CVE-2022-32531MEDIUMCVSS 5.9EG 5.92022-12-15
The Apache Bookkeeper Java Client (before 4.14.6 and also 4.15.0) does not close the connection to the bookkeeper server when TLS hostname verification fails. This leaves the bookkeeper client vulnerable to a man in the middle attack. The…
- CVE-2022-32563CRITICALCVSS 9.8EG 9.82022-06-10
An issue was discovered in Couchbase Sync Gateway 3.x before 3.0.2. Admin credentials are not verified when using X.509 client-certificate authentication from Sync Gateway to Couchbase Server. When Sync Gateway is configured to authenticat…
- CVE-2022-32748HIGHCVSS 7.9EG 8.32023-01-30
A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. Additionally, credentials could leak which would enable an attacker the …
- CVE-2022-33681MEDIUMCVSS 5.9EG 5.92022-09-23
Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man in the middle attack. Connections from the Pulsar Java Client to the Pulsar Broker/Proxy and connections from the Pulsar …
- CVE-2022-33682MEDIUMCVSS 5.9EG 5.92022-09-23
TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →