Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-295
Total 821 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6266 1 Cordaware 1 Bestinformed 2019-02-28 7.5 HIGH 9.8 CRITICAL
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.
CVE-2019-6592 1 F5 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more 2019-02-28 6.4 MEDIUM 9.1 CRITICAL
On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file when validating SSL certificates in client SSL or server SSL profiles.
CVE-2016-5016 1 Pivotal Software 4 Cloud Foundry, Cloud Foundry Elastic Runtime, Cloud Foundry Uaa and 1 more 2019-02-26 4.3 MEDIUM 5.9 MEDIUM
Pivotal Cloud Foundry 239 and earlier, UAA (aka User Account and Authentication Server) 3.4.1 and earlier, UAA release 12.2 and earlier, PCF (aka Pivotal Cloud Foundry) Elastic Runtime 1.6.x before 1.6.35, and PCF Elastic Runtime 1.7.x before 1.7.13 does not validate if a certificate is expired.
CVE-2019-7728 1 Bosch 1 Smart Camera 2019-02-22 5.1 MEDIUM 7.5 HIGH
An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to improperly implemented TLS certificate checks, a malicious actor could potentially succeed in executing a man-in-the-middle attack for some connections. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)
CVE-2018-20245 1 Apache 1 Airflow 2019-02-20 5.0 MEDIUM 7.5 HIGH
The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking.
CVE-2018-16187 1 Ricoh 16 D2200, D2200 Firmware, D5500 and 13 more 2019-02-08 4.3 MEDIUM 5.9 MEDIUM
The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication.
CVE-2018-19982 1 Powermanager 2 Kt Mc01507l Z-wave S0, Kt Mc01507l Z-wave S0 Firmware 2019-02-06 2.9 LOW 5.3 MEDIUM
An issue was discovered on KT MC01507L Z-Wave S0 devices. It occurs because HPKP is not implemented. The communication architecture is APP > Server > Controller (HUB) > Node (products which are controlled by HUB). The prerequisite is that the attacker is on the same network as the target HUB, and can use IP Changer to change destination IP addresses (of all packets whose destination IP address is Server) to a proxy-server IP address. This allows sniffing of cleartext between Server and Controller. The cleartext command data is transmitted to Controller using the proxy server's fake certificate, and it is able to control each Node of the HUB. Also, by operating HUB in Z-Wave Pairing Mode, it is possible to obtain the Z-Wave network key.
CVE-2018-0691 6 Apple, Google, Kddi and 3 more 6 Iphone Os, Android, \+ Message and 3 more 2019-02-04 4.3 MEDIUM 5.9 MEDIUM
Multiple +Message Apps (Softbank +Message App for Android prior to version 10.1.7, Softbank +Message App for iOS prior to version 1.1.23, NTT DOCOMO +Message App for Android prior to version 42.40.2800, NTT DOCOMO +Message App for iOS prior to version 1.1.23, KDDI +Message App for Android prior to version 1.0.6, and KDDI +Message App for iOS prior to version 1.1.23) do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2018-17187 1 Apache 1 Qpid Proton-j 2019-01-31 5.8 MEDIUM 7.4 HIGH
The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer certificate, with options to configure this explicitly or select a certificate verification mode with or without hostname verification being performed. The latter hostname verifying mode was not implemented in Apache Qpid Proton-J versions 0.3 to 0.29.0, with attempts to use it resulting in an exception. This left only the option to verify the certificate is trusted, leaving such a client vulnerable to Man In The Middle (MITM) attack. Uses of the Proton-J protocol engine which do not utilise the optional transport TLS wrapper are not impacted, e.g. usage within Qpid JMS. Uses of Proton-J utilising the optional transport TLS wrapper layer that wish to enable hostname verification must be upgraded to version 0.30.0 or later and utilise the VerifyMode#VERIFY_PEER_NAME configuration, which is now the default for client mode usage unless configured otherwise.
CVE-2018-16179 1 Mizuhobank 1 Mizuho Direct Application 2019-01-17 4.3 MEDIUM 5.9 MEDIUM
The Mizuho Direct App for Android version 3.13.0 and earlier does not verify server certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
CVE-2018-12087 1 Opcfoundation 2 Ua-.net-legacy, Ua-.netstandard 2019-01-14 2.1 LOW 5.3 MEDIUM
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
CVE-2018-15326 1 F5 1 Big-ip Access Policy Manager 2018-12-13 6.0 MEDIUM 7.5 HIGH
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List.
CVE-2018-1000664 1 Dsub For Subsonic Project 1 Dsub For Subsonic 2018-12-12 4.3 MEDIUM 5.9 MEDIUM
daneren2005 DSub for Subsonic (Android client) version 5.4.1 contains a CWE-295: Improper Certificate Validation vulnerability in HTTPS Client that can result in Any non-CA signed server certificate, including self signed and expired, are accepted by the client. This attack appear to be exploitable via The victim connects to a server that's MITM/Proxied by an attacker.
CVE-2018-8479 1 Microsoft 2 C Software Development Kit, Java Software Development Kit 2018-12-12 6.8 MEDIUM 5.6 MEDIUM
A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.
CVE-2018-18567 1 Audiocodes 4 440hd, 440hd Firmware, 450hd and 1 more 2018-12-07 4.3 MEDIUM 5.9 MEDIUM
AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
CVE-2018-15898 1 Subsonic 1 Music Streamer 2018-11-30 4.3 MEDIUM 5.9 MEDIUM
The Subsonic Music Streamer application 4.4 for Android has Improper Certificate Validation of the Subsonic server certificate, which might allow man-in-the-middle attackers to obtain interaction data.
CVE-2018-17215 1 Getpostman 1 Postman 2018-11-21 4.3 MEDIUM 8.1 HIGH
An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. Thus, all contained information of the HTTPS request is disclosed to a man-in-the-middle attacker (for example, user credentials).
CVE-2018-12608 1 Mobyproject 1 Moby 2018-11-19 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
CVE-2018-2460 1 Sap 1 Business One 2018-11-16 4.3 MEDIUM 5.9 MEDIUM
SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows attacker to do MITM attack.
CVE-2016-1000030 2 Pidgin, Suse 2 Pidgin, Linux Enterprise Server 2018-11-14 7.5 HIGH 9.8 CRITICAL
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0.