CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 15 of 25
- CVE-2023-0466MEDIUMCVSS 5.3EG 5.32023-03-28
The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificate…
- CVE-2023-0509HIGHCVSS 7.4EG 7.42023-01-26
Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
- CVE-2023-0547MEDIUMCVSS 6.5EG 6.52023-06-02
OCSP revocation status of recipient certificates was not checked when sending S/Mime encrypted email, and revoked certificates would be accepted. Thunderbird versions from 68 to 102.9.1 were affected by this bug. This vulnerability affects…
- CVE-2023-1055MEDIUMCVSS 5.5EG 5.52023-02-27
A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account w…
- CVE-2023-1409MEDIUMCVSS 5.3EG 5.32023-08-23
If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validat…
- CVE-2023-1514HIGHCVSS 7.4EG 7.42023-12-19
A vulnerability exists in the component RTU500 Scripting interface. When a client connects to a server using TLS, the server presents a certificate. This certificate links a public key to the identity of the service and is signed by a Cert…
- CVE-2023-1664MEDIUMCVSS 6.5EG 6.52023-05-26
A flaw was found in Keycloak. This flaw depends on a non-default configuration "Revalidate Client Certificate" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose …
- CVE-2023-20881HIGHCVSS 8.1EG 8.12023-05-19
Cloud foundry instances having CAPI version between 1.140 and 1.152.0 along with loggregator-agent v7+ may override other users syslog drain credentials if they're aware of the client certificate used for that syslog drain. This applies ev…
- CVE-2023-20963HIGHCVSS 7.8EG 9.0⚠ KEV2023-03-24
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Andro…
- CVE-2023-21265HIGHCVSS 7.5EG 7.52023-08-14
In multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
- CVE-2023-21358HIGHCVSS 7.8EG 7.82023-10-30
In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed…
- CVE-2023-22367MEDIUMCVSS 5.9EG 5.92023-02-13
Ichiran App for iOS versions prior to 3.1.0 and Ichiran App for Android versions prior to 3.1.0 improperly verify server certificates, which may allow a remote unauthenticated attacker to eavesdrop on an encrypted communication via a man-i…
- CVE-2023-22642HIGHCVSS 7.5EG 8.12023-04-11
An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle atta…
- CVE-2023-22943MEDIUMCVSS 4.8EG 5.32023-02-14
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connec…
- CVE-2023-23131HIGHCVSS 7.5EG 7.52023-02-01
Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings.
- CVE-2023-23546MEDIUMCVSS 4.2EG 4.22023-07-06
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to tr…
- CVE-2023-23588MEDIUMCVSS 6.2EG 6.22023-04-11
A vulnerability has been identified in SIMATIC IPC1047 (All versions), SIMATIC IPC1047E (All versions with maxView Storage Manager < 4.09.00.25611 on Windows), SIMATIC IPC647D (All versions), SIMATIC IPC647E (All versions with maxView Stor…
- CVE-2023-23690HIGHCVSS 7.0EG 7.02023-01-19
Cloud Mobility for Dell EMC Storage, versions 1.3.0.X and below contains an Improper Check for Certificate Revocation vulnerability. A threat actor does not need any specific privileges to potentially exploit this vulnerability. An attack…
- CVE-2023-23901MEDIUMCVSS 6.5EG 6.52023-05-10
Improper following of a certificate's chain of trust exists in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier, and SkyBridge BASIC MB-A130 firmware Ver. 1.4.1 and earlier, which may allow a remote unauthenticated attacker to eavesdro…
- CVE-2023-2422MEDIUMCVSS 5.5EG 5.52023-10-04
A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as …
- CVE-2023-24461HIGHCVSS 7.4EG 7.42023-05-03
An improper certificate validation vulnerability exists in the BIG-IP Edge Client for Windows and macOS and may allow an attacker to impersonate a BIG-IP APM system. Note: Software versions which have reached End of Technical Support (…
- CVE-2023-24568MEDIUMCVSS 5.0EG 7.42023-05-30
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
- CVE-2023-25392MEDIUMCVSS 5.9EG 5.92023-04-10
Allegro Tech BigFlow <1.6 is vulnerable to Missing SSL Certificate Validation.
- CVE-2023-26463CRITICALCVSS 9.8EG 9.82023-04-15
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired po…
- CVE-2023-27823CRITICALCVSS 9.8EG 9.82023-05-12
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials.
- CVE-2023-28093MEDIUMCVSS 6.5EG 6.52023-04-10
A user with a compromised configuration can start an unsigned binary as a service.
- CVE-2023-28321MEDIUMCVSS 5.9EG 5.92023-05-26
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matchi…
- CVE-2023-28807MEDIUMCVSS 5.1EG 5.12024-01-31
In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic.
- CVE-2023-29000MEDIUMCVSS 5.4EG 5.42023-04-04
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.7.0, by trusting that the server will return a certificate that belongs to the keypair of the user, a mal…
- CVE-2023-29175MEDIUMCVSS 4.8EG 4.82023-06-13
An improper certificate validation vulnerability [CWE-295] in FortiOS 6.2 all versions, 6.4 all versions, 7.0.0 through 7.0.10, 7.2.0 and FortiProxy 1.2 all versions, 2.0 all versions, 7.0.0 through 7.0.9, 7.2.0 through 7.2.3 may allow a r…
- CVE-2023-29501MEDIUMCVSS 4.8EG 4.82023-06-13
Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, …
- CVE-2023-30222HIGHCVSS 7.5EG 7.52023-06-16
An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping.
- CVE-2023-30516MEDIUMCVSS 6.5EG 5.32023-04-12
Jenkins Image Tag Parameter Plugin 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries, resulting in job configurations using Image Tag Parameters that were created before 2…
- CVE-2023-30517MEDIUMCVSS 5.3EG 5.92023-04-12
Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.
- CVE-2023-30729HIGHCVSS 8.1EG 8.12023-09-06
Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.
- CVE-2023-31151MEDIUMCVSS 4.7EG 4.72023-05-10
An Improper Certificate Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote unauthenticated attacker to conduct a man-in-the-middle (MitM) att…
- CVE-2023-31190HIGHCVSS 8.1EG 8.12023-07-11
DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper Authentication vulnerability during the firmware update procedure. Specifically, the firmware update procedure ignores and does not check the validi…
- CVE-2023-31421MEDIUMCVSS 5.9EG 5.92023-10-26
It was discovered that when acting as TLS clients, Beats, Elastic Agent, APM Server, and Fleet Server did not verify whether the server certificate is valid for the target IP address; however, certificate signature validation is still perf…
- CVE-2023-31484HIGHCVSS 8.1EG 8.12023-04-29
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
- CVE-2023-31485MEDIUMCVSS 5.9EG 5.92023-04-29
GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.
- CVE-2023-31486HIGHCVSS 8.1EG 8.12023-04-29
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
- CVE-2023-31580MEDIUMCVSS 5.9EG 5.92023-10-25
light-oauth2 before version 2.1.27 obtains the public key without any verification. This could allow attackers to authenticate to the application with a crafted JWT token.
- CVE-2023-32330HIGHCVSS 7.5EG 7.52024-02-07
IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977.
- CVE-2023-32464LOWCVSS 2.7EG 2.72023-06-23
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted …
- CVE-2023-32994LOWCVSS 3.7EG 3.72023-05-16
Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middl…
- CVE-2023-33201MEDIUMCVSS 5.3EG 5.32023-07-05
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation …
- CVE-2023-33295MEDIUMCVSS 6.5EG 6.52024-01-19
Cohesity DataProtect prior to 6.8.1_u5 or 7.1 was discovered to have a incorrect access control vulnerability due to a lack of TLS Certificate Validation.
- CVE-2023-33757MEDIUMCVSS 5.9EG 5.92024-01-25
A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.
- CVE-2023-33760MEDIUMCVSS 5.3EG 5.32024-01-25
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack.
- CVE-2023-33861MEDIUMCVSS 6.5EG 6.52025-05-20
IBM Security ReaQta EDR 3.12 could allow an attacker to spoof a trusted entity by interfering with the communication path between the host and client.
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →