CWE-295— Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.— MITRE CWE catalog
1,227 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-295page 8 of 25
- CVE-2020-15498MEDIUMCVSS 5.9EG 5.92020-08-26
An issue was discovered on ASUS RT-AC1900P routers before 3.0.0.4.385_20253. The router accepts an arbitrary server certificate for a firmware update. The culprit is the --no-check-certificate option passed to wget tool used to download fi…
- CVE-2020-15526MEDIUMCVSS 5.9EG 5.92020-07-09
In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate check…
- CVE-2020-15604HIGHCVSS 7.5EG 7.52020-09-24
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into d…
- CVE-2020-15719MEDIUMCVSS 4.2EG 4.22020-07-14
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for exa…
- CVE-2020-15720MEDIUMCVSS 6.8EG 6.82020-07-14
In Dogtag PKI through 10.8.3, the pki.client.PKIConnection class did not enable python-requests certificate validation. Since the verify parameter was hard-coded in all request functions, it was not possible to override the setting. As a r…
- CVE-2020-15732MEDIUMCVSS 6.5EG 6.52021-06-22
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HSTS) checks. This issue affects: Bitdefend…
- CVE-2020-15813HIGHCVSS 8.1EG 8.12020-07-17
Graylog before 3.3.3 lacks SSL Certificate Validation for LDAP servers. It allows use of an external user/group database stored in LDAP. The connection configuration allows the usage of unencrypted, SSL- or TLS-secured connections. Unfortu…
- CVE-2020-16093HIGHCVSS 7.5EG 7.52022-07-18
In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used.
- CVE-2020-16162HIGHCVSS 7.5EG 7.52020-07-30
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. Missing validation checks on CRL presence or CRL staleness in the X509-based RPKI certificate-tree validation procedure allow remote attackers to bypass i…
- CVE-2020-16163CRITICALCVSS 9.1EG 9.12020-07-30
An issue was discovered in RIPE NCC RPKI Validator 3.x before 3.1-2020.07.06.14.28. RRDP fetches proceed even with a lack of validation of a TLS HTTPS endpoint. This allows remote attackers to bypass intended access restrictions, or to tri…
- CVE-2020-16164HIGHCVSS 7.4EG 7.42020-07-30
An issue was discovered in RIPE NCC RPKI Validator 3.x through 3.1-2020.07.06.14.28. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholdin…
- CVE-2020-16197MEDIUMCVSS 4.3EG 4.32020-08-25
An issue was discovered in Octopus Deploy 3.4. A deployment target can be configured with an Account or Certificate that is outside the scope of the deployment target. An authorised user can potentially use a certificate that they are not …
- CVE-2020-1675HIGHCVSS 8.3EG 8.32020-10-16
When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized …
- CVE-2020-17366HIGHCVSS 7.4EG 7.42020-08-05
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Or…
- CVE-2020-1758MEDIUMCVSS 5.3EG 5.32020-05-15
A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an attacker to perform a man-in-the-middle (MITM) attack.
- CVE-2020-1887CRITICALCVSS 9.1EG 9.12020-03-13
Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust.
- CVE-2020-1929HIGHCVSS 7.5EG 7.52020-01-15
The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This ex…
- CVE-2020-1952CRITICALCVSS 9.8EG 9.82020-04-27
An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.
- CVE-2020-2033MEDIUMCVSS 5.3EG 5.32020-06-10
When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with …
- CVE-2020-2187MEDIUMCVSS 5.6EG 5.62020-05-06
Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.
- CVE-2020-2252MEDIUMCVSS 4.8EG 4.82020-09-16
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
- CVE-2020-2253MEDIUMCVSS 4.8EG 4.82020-09-16
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
- CVE-2020-24025MEDIUMCVSS 5.3EG 5.32021-01-11
Certificate validation in node-sass 2.0.0 to 4.14.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.
- CVE-2020-24392MEDIUMCVSS 5.9EG 5.92021-02-19
In voloko twitter-stream 0.1.10, missing TLS hostname validation allows an attacker to perform a man-in-the-middle attack against users of the library (because eventmachine is misused).
- CVE-2020-24393MEDIUMCVSS 5.9EG 5.92021-02-19
TweetStream 2.6.1 uses the library eventmachine in an insecure way that does not have TLS hostname validation. This allows an attacker to perform a man-in-the-middle attack.
- CVE-2020-24560HIGHCVSS 7.5EG 7.52020-09-24
An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into d…
- CVE-2020-24613MEDIUMCVSS 6.8EG 6.82020-08-24
wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged …
- CVE-2020-24619MEDIUMCVSS 5.9EG 5.92020-09-22
In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone). A man-in-the-middle attacker could offer a spoofed download resource.
- CVE-2020-24661MEDIUMCVSS 5.9EG 5.92020-08-26
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 s…
- CVE-2020-24714CRITICALCVSS 9.8EG 9.82020-08-27
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option.
- CVE-2020-24715CRITICALCVSS 9.8EG 9.82020-08-27
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName.
- CVE-2020-25276HIGHCVSS 7.3EG 7.32020-09-11
An issue was discovered in PrimeKey EJBCA 6.x and 7.x before 7.4.1. When using a client certificate to enroll over the EST protocol, no revocation check is performed on that certificate. This vulnerability can only affect a system that has…
- CVE-2020-25680MEDIUMCVSS 5.4EG 5.42021-01-07
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostname are matching stopped working and allo…
- CVE-2020-26117HIGHCVSS 8.1EG 8.12020-09-27
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server aft…
- CVE-2020-26184HIGHCVSS 7.5EG 7.52022-06-01
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate Validation vulnerability.
- CVE-2020-27589HIGHCVSS 7.5EG 7.52020-11-06
Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.
- CVE-2020-27648HIGHCVSS 8.3EG 9.02020-10-29
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2020-27649HIGHCVSS 8.3EG 8.32020-10-29
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- CVE-2020-28362HIGHCVSS 7.5EG 7.52020-11-18
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
- CVE-2020-28907CRITICALCVSS 9.8EG 9.82021-05-24
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in upgrade_to_latest.sh.
- CVE-2020-28942MEDIUMCVSS 4.3EG 4.32020-11-19
An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST while proxied through an RA over the Peers protocol. As a part of EJBCA's domain security model, the peer connector allows the restriction of client certificates (for t…
- CVE-2020-28972MEDIUMCVSS 5.9EG 5.92021-02-27
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
- CVE-2020-29440MEDIUMCVSS 4.6EG 4.62020-11-30
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data …
- CVE-2020-29457MEDIUMCVSS 4.4EG 4.42021-02-16
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.
- CVE-2020-29504HIGHCVSS 7.4EG 7.42024-02-02
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain a Missing Required Cryptographic Step Vulnerability.
- CVE-2020-29663CRITICALCVSS 9.1EG 9.12020-12-15
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3.
- CVE-2020-3155HIGHCVSS 7.4EG 7.42020-03-04
A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the…
- CVE-2020-3342HIGHCVSS 8.8EG 8.82020-06-18
A vulnerability in the software update feature of Cisco Webex Meetings Desktop App for Mac could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to improper validation of …
- CVE-2020-35509MEDIUMCVSS 5.4EG 5.42022-08-23
A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data …
- CVE-2020-3557MEDIUMCVSS 5.3EG 5.32020-10-21
A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due t…
Map vulnerabilities like CWE-295 to your infrastructure
EchelonGraph correlates every CVE — across CWE-295 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →