Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-295
Total 821 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42131 1 Liferay 2 Digital Experience Platform, Liferay Portal 2022-11-18 N/A 4.8 MEDIUM
Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3.
CVE-2022-45391 1 Jenkins 1 Ns-nd Integration Performance Publisher 2022-11-17 N/A 7.5 HIGH
Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
CVE-2020-26117 3 Debian, Opensuse, Tigervnc 3 Debian Linux, Leap, Tigervnc 2022-11-16 5.8 MEDIUM 8.1 HIGH
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
CVE-2020-13614 3 Axel Project, Fedoraproject, Opensuse 4 Axel, Fedora, Backports Sle and 1 more 2022-11-14 4.3 MEDIUM 5.9 MEDIUM
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
CVE-2022-32156 1 Splunk 2 Splunk, Universal Forwarder 2022-11-14 6.8 MEDIUM 8.1 HIGH
In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by default. After updating to version 9.0, see Configure TLS host name validation for the Splunk CLI https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/EnableTLSCertHostnameValidation#Configure_TLS_host_name_validation_for_the_Splunk_CLI to enable the remediation. The vulnerability does not affect the Splunk Cloud Platform. At the time of publishing, we have no evidence of exploitation of this vulnerability by external parties. The issue requires conditions beyond the control of a potential bad actor such as a machine-in-the-middle attack. Hence, Splunk rates the complexity of the attack as High.
CVE-2022-25243 1 Hashicorp 1 Vault 2022-11-09 3.5 LOW 6.5 MEDIUM
"Vault and Vault Enterprise 1.8.0 through 1.8.8, and 1.9.3 allowed the PKI secrets engine under certain configurations to issue wildcard certificates to authorized users for a specified domain, even if the PKI role policy attribute allow_subdomains is set to false. Fixed in Vault Enterprise 1.8.9 and 1.9.4.
CVE-2022-20960 1 Cisco 1 Email Security Appliance 2022-11-08 N/A 7.5 HIGH
A vulnerability in Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain TLS connections that are processed by an affected device. An attacker could exploit this vulnerability by establishing a large number of concurrent TLS connections to an affected device. A successful exploit could allow the attacker to cause the device to drop new TLS email messages that come from the associated email servers. Exploitation of this vulnerability does not cause the affected device to unexpectedly reload. The device will recover autonomously within a few hours of when the attack is halted or mitigated.
CVE-2021-22939 5 Debian, Netapp, Nodejs and 2 more 8 Debian Linux, Nextgen Api, Node.js and 5 more 2022-11-07 5.0 MEDIUM 5.3 MEDIUM
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted.
CVE-2022-42813 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2022-11-03 N/A 9.8 CRITICAL
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution.
CVE-2021-3406 2 Fedoraproject, Keylime 2 Fedora, Keylime 2022-10-27 7.5 HIGH 9.8 CRITICAL
A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.
CVE-2021-3547 1 Openvpn 1 Openvpn 2022-10-27 5.8 MEDIUM 7.4 HIGH
OpenVPN 3 Core Library version 3.6 and 3.6.1 allows a man-in-the-middle attacker to bypass the certificate authentication by issuing an unrelated server certificate using the same hostname found in the verify-x509-name option in a client configuration.
CVE-2021-32574 1 Hashicorp 1 Consul 2022-10-25 5.0 MEDIUM 7.5 HIGH
HashiCorp Consul and Consul Enterprise 1.3.0 through 1.10.0 Envoy proxy TLS configuration does not validate destination service identity in the encoded subject alternative name. Fixed in 1.8.14, 1.9.8, and 1.10.1.
CVE-2021-43766 1 Odyssey Project 1 Odyssey 2022-10-14 N/A 8.1 HIGH
Odyssey passes to server unencrypted bytes from man-in-the-middle When Odyssey is configured to use certificate Common Name for client authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption. This is similar to CVE-2021-23214 for PostgreSQL.
CVE-2022-40147 1 Siemens 1 Industrial Edge Management 2022-10-12 N/A 7.4 HIGH
A vulnerability has been identified in Industrial Edge Management (All versions < V1.5.1). The affected software does not properly validate the server certificate when initiating a TLS connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path between the client and the intended server.
CVE-2022-41747 2 Microsoft, Trendmicro 2 Windows, Apex One 2022-10-11 N/A 7.8 HIGH
An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-44533 3 Debian, Nodejs, Oracle 9 Debian Linux, Node.js, Graalvm and 6 more 2022-10-05 5.0 MEDIUM 5.3 MEDIUM
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.Affected versions of Node.js that do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.
CVE-2021-44532 3 Debian, Nodejs, Oracle 9 Debian Linux, Node.js, Graalvm and 6 more 2022-10-05 5.0 MEDIUM 5.3 MEDIUM
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option.
CVE-2021-44531 2 Nodejs, Oracle 8 Node.js, Graalvm, Mysql Cluster and 5 more 2022-10-05 5.8 MEDIUM 7.4 HIGH
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.
CVE-2021-32728 2 Debian, Nextcloud 2 Debian Linux, Desktop 2022-10-04 4.0 MEDIUM 6.5 MEDIUM
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with a computer. Clients using the Nextcloud end-to-end encryption feature download the public and private key via an API endpoint. In versions prior to 3.3.0, the Nextcloud Desktop client fails to check if a private key belongs to previously downloaded public certificate. If the Nextcloud instance serves a malicious public key, the data would be encrypted for this key and thus could be accessible to a malicious actor. This issue is fixed in Nextcloud Desktop Client version 3.3.0. There are no known workarounds aside from upgrading.
CVE-2022-34394 1 Dell 1 Smartfabric Os10 2022-09-30 N/A 3.7 LOW
Dell OS10, version 10.5.3.4, contains an Improper Certificate Validation vulnerability in Support Assist. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to unauthorized access to limited switch configuration data. The vulnerability could be leveraged by attackers to conduct man-in-the-middle attacks to gain access to the Support Assist information.