Variant · Incomplete
CWE-297: Improper Validation of Certificate with Host Mismatch
Category: other
Description
The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.
Common consequences · 3
- Access Control — Gain Privileges or Assume Identity: The data read from the system vouched for by the certificate may not be from the expected system.
- Authentication / Other — Other: Trust afforded to the system in question, based on the malicious certificate, may allow for spoofing or redirection attacks.
- Access Control / Other — Gain Privileges or Assume Identity, Other: If the certificate's host-specific data is not properly checked, such as the Common Name (CN) in the Subject or the Subject Alternative Name (SAN) extension of an X.509 certificate, it may be possible for a redirection or spoofing attack to allow a malicious host with a valid certificate to provide data, impersonating a trusted host.
Potential mitigations · 2
- [Architecture and Design] Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.
- [Implementation] If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
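The two mitigations above, as an added example that is not part of the CWE entry: a hostname check following the dNSName/iPAddress matching rules of RFC 6125 and RFC 2818 (SAN entries first, whole-label leftmost wildcard only, CN consulted only when the SAN carries no DNS names), shown next to the kind of loose CN substring check that produces this weakness, and a pinning helper that refuses to record a pin until that hostname check has passed. The certificate is represented as a plain dict in the shape Python's `ssl.SSLSocket.getpeercert()` returns; the sample certificate, the DER bytes and the function names are constructed for this illustration and are not from the page.

```python
"""Hostname verification for an X.509 certificate (added example).

The certificate is a dict in the shape returned by ssl.SSLSocket.getpeercert():
  {"subject": ((("commonName", "..."),), ...),
   "subjectAltName": (("DNS", "..."), ("IP Address", "..."), ...)}
Everything here runs offline; the sample data below is constructed.
"""
import hashlib
import ipaddress


def _dns_id_matches(pattern: str, hostname: str) -> bool:
    """Match one DNS-ID from the certificate against the requested hostname.

    Rules: case-insensitive; a wildcard is accepted only as the complete
    leftmost label, it matches exactly one label, and it never matches the
    bare parent domain (so "*.example.test" does not match "example.test").
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False                      # partial or too-broad wildcard
    if any("*" in label for label in p_labels[1:]):
        return False                      # wildcard only in the leftmost label
    if len(p_labels) != len(h_labels) or h_labels[0] == "":
        return False                      # "*" covers exactly one label
    return p_labels[1:] == h_labels[1:]


def hostname_matches_certificate(cert: dict, hostname: str) -> bool:
    """Return True only if the certificate is issued for `hostname`."""
    san = cert.get("subjectAltName", ())
    dns_ids = [value for kind, value in san if kind == "DNS"]
    ip_ids = [value for kind, value in san if kind == "IP Address"]

    try:
        ip = ipaddress.ip_address(hostname)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP literal matches only an iPAddress SAN entry, never CN or DNS names.
        return any(ipaddress.ip_address(v) == ip for v in ip_ids)

    if dns_ids:
        # When the SAN carries DNS names the CN must be ignored entirely.
        return any(_dns_id_matches(p, hostname) for p in dns_ids)

    # Legacy fallback: CN is consulted only when no dNSName SAN entry exists.
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _dns_id_matches(value, hostname)
    return False


def weak_hostname_check(cert: dict, hostname: str) -> bool:
    """The defective pattern behind CWE-297 (constructed illustration):
    only the CN is inspected, and with a substring test, so
    "api.example.test" is 'found' inside "api.example.test.attacker.test"."""
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value.lower() in hostname.lower()
    return False


def pin_certificate(cert: dict, der_bytes: bytes, hostname: str,
                    pin_store: dict) -> str:
    """Record a SHA-256 certificate pin for `hostname`, but only after the
    hostname check has passed, so a mismatched certificate is never locked in.
    Raises ValueError when the certificate does not belong to the host or
    conflicts with an existing pin."""
    if not hostname_matches_certificate(cert, hostname):
        raise ValueError("refusing to pin: certificate does not match hostname")
    fingerprint = hashlib.sha256(der_bytes).hexdigest()
    existing = pin_store.get(hostname)
    if existing is not None and existing != fingerprint:
        raise ValueError("refusing to connect: pinned fingerprint mismatch")
    pin_store[hostname] = fingerprint
    return fingerprint


# Constructed sample certificate in getpeercert() shape (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "api.example.test"),),),
    "subjectAltName": (
        ("DNS", "api.example.test"),
        ("DNS", "*.cdn.example.test"),
        ("IP Address", "192.0.2.10"),
    ),
}
SAMPLE_DER = b"constructed-der-bytes-not-a-real-certificate"

if __name__ == "__main__":
    for host in ("api.example.test", "img.cdn.example.test",
                 "a.b.cdn.example.test", "api.example.test.attacker.test"):
        print(f"{host:35} strict={hostname_matches_certificate(SAMPLE_CERT, host)!s:5} "
              f"weak={weak_hostname_check(SAMPLE_CERT, host)}")
```

The contrast worth noticing is the last row of the printout: the substring check accepts `api.example.test.attacker.test` because the CN occurs inside it, while the strict check rejects it; that is exactly the gap between "a valid certificate" and "a certificate for this host" that the mitigations describe. In production code you would let the TLS library do this (for Python, leave `SSLContext.check_hostname` enabled), and apply the pinning rule on top.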
References
(incoming) · 5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Vulnerability | CVE-2025-2190 | 0% | live |
| Vulnerability | CVE-2025-3501 | 0% | live |
| Vulnerability | CVE-2025-46408 | 0% | live |
| Vulnerability | CVE-2025-68637 | 0% | live |
| Vulnerability | CVE-2026-22747 | 0% | live |
Related by meaning · 6
Nearest entities by semantic similarity across the cs-graph corpus.