CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 5 of 25
- CVE-2018-5926CRITICALCVSS 9.1EG 9.12019-03-27
A potential vulnerability has been identified in HP Remote Graphics Software’s certificate authentication process version 7.5.0 and earlier.
- CVE-2018-6219MEDIUMCVSS 6.5EG 6.52018-03-15
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data.
- CVE-2018-6221HIGHCVSS 8.1EG 8.12018-03-15
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.
- CVE-2018-6374MEDIUMCVSS 6.5EG 6.52018-01-31
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set.
- CVE-2018-6517HIGHCVSS 7.5EG 7.52019-03-21
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts…
- CVE-2018-6827HIGHCVSS 8.1EG 8.12018-02-09
VOBOT CLOCK before 0.99.30 devices do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information, and consequently execute arbitrary code, via a crafted certif…
- CVE-2018-7234HIGHCVSS 7.5EG 7.52018-03-09
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow arbitrary system file download due to lack of validation of SSL certificate.
- CVE-2018-8019HIGHCVSS 7.4EG 7.42018-07-31
When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for use…
- CVE-2018-8020HIGHCVSS 7.4EG 7.42018-07-31
Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be…
- CVE-2018-8034HIGHCVSS 7.5EG 7.52018-08-01
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.
- CVE-2018-8059HIGHCVSS 8.8EG 8.82018-03-11
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.
- CVE-2018-8119MEDIUMCVSS 5.6EG 5.62018-05-09
A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.
- CVE-2018-8356MEDIUMCVSS 5.5EG 5.52018-07-11
A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka ".NET Framework Security Feature Bypass Vulnerability." This affects .NET Framework 4.7.2, Microsoft .NET F…
- CVE-2018-8479MEDIUMCVSS 5.6EG 5.62018-09-13
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.
- CVE-2018-8970HIGHCVSS 7.4EG 7.42018-03-24
The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently al…
- CVE-2018-9127CRITICALCVSS 9.8EG 9.82018-04-02
Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same…
- CVE-2019-0054MEDIUMCVSS 6.8EG 7.42019-10-09
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the …
- CVE-2019-1003009HIGHCVSS 7.4EG 7.42019-02-06
An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDi…
- CVE-2019-1006HIGHCVSS 7.5EG 7.52019-07-15
An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys, aka 'WCF/WIF SAML Token Authentication Bypass Vul…
- CVE-2019-10091HIGHCVSS 7.4EG 7.42020-03-16
When TLS is enabled with ssl-endpoint-identification-enabled set to true, Apache Geode fails to perform hostname verification of the entries in the certificate SAN during the SSL handshake. This could compromise intra-cluster communication…
- CVE-2019-1010206MEDIUMCVSS 5.9EG 5.92019-07-23
OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing.
- CVE-2019-1010275CRITICALCVSS 9.8EG 9.82019-07-17
helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Validation. The impact is: Unauthorized clients could connect to the server because self-signed client certs were aloowed. The component is: helm (many files updated, see http…
- CVE-2019-10314MEDIUMCVSS 5.9EG 6.52019-04-30
Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10317MEDIUMCVSS 5.9EG 5.92019-04-30
Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10334MEDIUMCVSS 6.5EG 6.52019-06-11
Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM when MultipartUtility.java is used to upload files.
- CVE-2019-10381HIGHCVSS 7.5EG 6.52019-08-07
Jenkins Codefresh Integration Plugin 1.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10382MEDIUMCVSS 6.5EG 6.52019-08-07
Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10444MEDIUMCVSS 6.5EG 6.52019-10-16
Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disabled SSL/TLS and hostname verification for connections to HP ALM.
- CVE-2019-10446HIGHCVSS 8.2EG 8.22019-10-16
Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.
- CVE-2019-10914CRITICALCVSS 9.8EG 9.82019-04-08
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_p…
- CVE-2019-11242HIGHCVSS 8.1EG 8.12019-07-12
A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c. Cohesity clusters did not verify TLS certificates presented by vCenter. This vulnerability could expose Coh…
- CVE-2019-11324HIGHCVSS 7.5EG 7.52019-04-18
The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verificatio…
- CVE-2019-11497HIGHCVSS 7.5EG 7.52019-09-10
In Couchbase Server 5.0.0, when an invalid Remote Cluster Certificate was entered as part of the reference creation, XDCR did not parse and check the certificate signature. It then accepted the invalid certificate and attempted to use it t…
- CVE-2019-11550MEDIUMCVSS 5.9EG 5.92019-05-08
Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation.
- CVE-2019-11554MEDIUMCVSS 5.9EG 5.92019-12-06
The Audible application through 2.34.0 for Android has Missing SSL Certificate Validation for Adobe SDKs, allowing MITM attackers to cause a denial of service.
- CVE-2019-11674MEDIUMCVSS 5.9EG 5.92019-10-22
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
- CVE-2019-11688HIGHCVSS 7.4EG 7.42020-03-18
An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. When conducting license validation, exfat.cgi and exfatctl accept any certificate for asustornasapi.asustor.com. In other words, there is Missing SSL Certificate Validation.
- CVE-2019-11727MEDIUMCVSS 5.3EG 5.32019-07-23
A vulnerability exists where it possible to force Network Security Services (NSS) to sign CertificateVerify with PKCS#1 v1.5 signatures when those are the only ones advertised by server in CertificateRequest in TLS 1.3. PKCS#1 v1.5 signatu…
- CVE-2019-12000MEDIUMCVSS 6.6EG 6.62020-07-17
HPE has found a potential Remote Access Restriction Bypass in HPE MSE Msg Gw application E-LTU prior to version 3.2 when HTTPS is used between the USSD and an external USSD service logic application. Update to version 3.2 and update the HT…
- CVE-2019-12098HIGHCVSS 7.4EG 7.42019-05-15
In the client side of Heimdal before 7.6.0, failure to verify anonymous PKINIT PA-PKINIT-KX key exchange permits a man-in-the-middle attack. This issue is in krb5_init_creds_step in lib/krb5/init_creds_pw.c.
- CVE-2019-1231MEDIUMCVSS 5.9EG 5.92019-09-11
An information disclosure vulnerability exists in the way Rome SDK handles server SSL/TLS certificate validation, aka 'Rome SDK Information Disclosure Vulnerability'.
- CVE-2019-12496HIGHCVSS 7.5EG 7.52019-05-31
An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default.
- CVE-2019-12855HIGHCVSS 7.4EG 7.42019-06-16
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
- CVE-2019-13050HIGHCVSS 7.5EG 7.52019-06-29
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data …
- CVE-2019-14334MEDIUMCVSS 5.5EG 5.52019-08-01
An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP Ax 4.2.0.14 21/03/2019 devices. There is post-authenticated Certificate and RSA Private Key extraction through an insecure sslcert-get.cgi HTTP command.
- CVE-2019-14516HIGHCVSS 7.4EG 7.42019-08-13
The mAadhaar application 1.2.7 for Android lacks SSL Certificate Validation, leading to man-in-the-middle attacks against requests for FAQs or Help.
- CVE-2019-14823HIGHCVSS 7.4EG 7.42019-10-14
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not p…
- CVE-2019-14910CRITICALCVSS 9.8EG 9.82019-12-05
A vulnerability was found in keycloak 7.x, when keycloak is configured with LDAP user federation and StartTLS is used instead of SSL/TLS from the LDAP server (ldaps), in this case user authentication succeeds even if invalid password has e…
- CVE-2019-15042HIGHCVSS 7.5EG 7.52019-10-01
An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL certificate validation for some external https connections. This was fixed in TeamCity 2019.1.
- CVE-2019-1552LOWCVSS 3.3EG 3.32019-07-30
OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefi…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →