CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 7 of 25
- CVE-2019-5961HIGHCVSS 7.4EG 7.42019-07-05
The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2019-6032HIGHCVSS 7.4EG 7.42019-12-26
The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2019-6266CRITICALCVSS 9.8EG 9.82019-02-25
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.
- CVE-2019-6592CRITICALCVSS 9.1EG 9.12019-02-26
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
- CVE-2019-6687HIGHCVSS 7.4EG 7.42019-12-23
On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services profile uses a built-in verification mechanism that fails to properly authenticate the X.509 certificate of remote endpoints.
- CVE-2019-6702MEDIUMCVSS 5.9EG 5.92019-03-21
The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certificate Validation. NOTE: this CVE only applies to obsolete versions from 2016 or earlier.
- CVE-2019-7229HIGHCVSS 8.3EG 8.32019-06-24
The ABB CP635 HMI uses two different transmission methods to upgrade its firmware and its software components: "Utilization of USB/SD Card to flash the device" and "Remote provisioning process via ABB Panel Builder 600 over FTP." Neither o…
- CVE-2019-7615HIGHCVSS 7.4EG 7.42019-07-30
A TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. When specifying a trusted server CA certificate via the 'server_ca_cert' setting, the Ruby agent would not properly verify the certificate ret…
- CVE-2019-7728HIGHCVSS 7.5EG 7.52019-02-22
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections.…
- CVE-2019-8337MEDIUMCVSS 5.3EG 5.32019-02-13
In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked.
- CVE-2019-8351CRITICALCVSS 9.1EG 9.12019-03-21
Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2019-8531CRITICALCVSS 9.8EG 9.82020-10-27
A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS …
- CVE-2019-8642LOWCVSS 3.3EG 3.32020-10-27
An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 …
- CVE-2019-9148MEDIUMCVSS 4.3EG 4.32019-07-09
Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public keys: Mailvelope allows importing keys that contain users without a valid self-certification. Keys that are obviously invalid are not rejected during import. An attacker…
- CVE-2020-0119MEDIUMCVSS 5.3EG 5.32020-06-10
In addOrUpdateNetworkInternal and related functions of WifiConfigManager.java, there is a possible man in the middle attack due to improper certificate validation. This could lead to remote information disclosure with no additional executi…
- CVE-2020-0601HIGHCVSS 8.1EG 9.0⚠ KEV2020-01-14
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious…
- CVE-2020-10059MEDIUMCVSS 4.8EG 4.82020-05-11
The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-Z…
- CVE-2020-10659MEDIUMCVSS 4.3EG 4.32020-03-18
Entrust Entelligence Security Provider (ESP) before 10.0.60 on Windows mishandles errors during SSL Certificate Validation, leading to situations where (for example) a user continues to interact with a web site that has an invalid certific…
- CVE-2020-10925HIGHCVSS 8.8EG 8.82020-07-28
This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. …
- CVE-2020-11050CRITICALCVSS 9.0EG 9.02020-05-07
In Java-WebSocket less than or equal to 1.4.1, there is an Improper Validation of Certificate with Host Mismatch where WebSocketClient does not perform SSL hostname validation. This has been patched in 1.5.0.
- CVE-2020-1113HIGHCVSS 7.5EG 7.52020-05-21
A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.
- CVE-2020-11176CRITICALCVSS 9.8EG 9.82021-06-09
While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Sna…
- CVE-2020-11580CRITICALCVSS 9.1EG 9.12020-04-06
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.
- CVE-2020-11617MEDIUMCVSS 5.9EG 5.92020-08-31
The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.
- CVE-2020-11792HIGHCVSS 7.5EG 7.52020-04-15
NETGEAR R8900, R9000, RAX120, and XR700 devices before 2020-01-20 are affected by Transport Layer Security (TLS) certificate private key disclosure.
- CVE-2020-11806MEDIUMCVSS 5.9EG 5.92020-04-23
In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process does not validate the validity of the certificate presented by the server.
- CVE-2020-12143MEDIUMCVSS 6.0EG 4.92020-05-05
The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.
- CVE-2020-12144MEDIUMCVSS 6.0EG 4.92020-05-05
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal.
- CVE-2020-12421MEDIUMCVSS 6.5EG 6.52020-07-09
When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notificati…
- CVE-2020-12614HIGHCVSS 7.8EG 7.82023-12-12
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate …
- CVE-2020-12618MEDIUMCVSS 4.8EG 4.82020-08-20
eM Client before 7.2.33412.0 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace th…
- CVE-2020-12619MEDIUMCVSS 5.9EG 5.92020-08-20
MailMate before 1.11 automatically imported S/MIME certificates and thereby silently replaced existing ones. This allowed a man-in-the-middle attacker to obtain an email-validated S/MIME certificate from a trusted CA and replace the public…
- CVE-2020-12637CRITICALCVSS 9.8EG 9.82020-05-09
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
- CVE-2020-12681HIGHCVSS 7.5EG 7.52021-07-26
Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.
- CVE-2020-13163HIGHCVSS 7.4EG 7.42020-05-19
em-imap 0.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
- CVE-2020-13245MEDIUMCVSS 5.9EG 5.92020-05-28
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R…
- CVE-2020-13254MEDIUMCVSS 5.9EG 5.92020-06-03
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. In cases where a memcached backend does not perform key validation, passing malformed cache keys could result in a key collision, and potential data leakage.
- CVE-2020-13482HIGHCVSS 7.4EG 7.42020-05-25
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
- CVE-2020-13614MEDIUMCVSS 5.9EG 5.92020-05-26
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
- CVE-2020-13615MEDIUMCVSS 5.9EG 5.92020-05-26
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
- CVE-2020-13616MEDIUMCVSS 5.9EG 5.92020-05-26
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
- CVE-2020-13645MEDIUMCVSS 6.5EG 6.52020-05-28
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its in…
- CVE-2020-13955MEDIUMCVSS 5.9EG 5.92020-10-09
HttpUtils#getURLConnection method disables explicitly hostname verification for HTTPS connections making clients vulnerable to man-in-the-middle attacks. Calcite uses internally this method to connect with Druid and Splunk so information l…
- CVE-2020-14039MEDIUMCVSS 5.3EG 5.32020-07-17
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification…
- CVE-2020-14980MEDIUMCVSS 5.9EG 5.92020-06-22
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation.
- CVE-2020-14981MEDIUMCVSS 5.9EG 5.92020-06-22
The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation.
- CVE-2020-15047MEDIUMCVSS 5.9EG 5.92020-06-25
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
- CVE-2020-15133HIGHCVSS 8.0EG 8.02020-07-31
In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshakes. The `Faye::WebSocket::Client` class uses the `EM::Connection#start_tls` method in EventMachine to implement the TLS handshake whenever …
- CVE-2020-15134HIGHCVSS 8.0EG 8.02020-07-31
Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses em-http-request and faye-websocket in the Ruby version of its client. Those libraries both use the `EM::Connection#start_tls` method in Eve…
- CVE-2020-15260MEDIUMCVSS 6.8EG 6.82021-03-10
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.10 and earlier, PJSIP transport can be reused if they hav…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →