Common Weakness Enumeration

CWE-297

Allowed

Improper Validation of Certificate with Host Mismatch

Abstraction: Variant · Status: Incomplete

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.

101 vulnerabilities reference this CWE, most recent first.

GHSA-GF47-QGG5-9G9Q

Vulnerability from github – Published: 2026-04-28 12:31 – Updated: 2026-07-09 15:32
VLAI
Details

Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.

This issue affects Apache Thrift: before 0.23.0.

Users are recommended to upgrade to version 0.23.0, which fixes the issue.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-41603"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-28T10:16:03Z",
    "severity": "HIGH"
  },
  "details": "Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.",
  "id": "GHSA-gf47-qgg5-9g9q",
  "modified": "2026-07-09T15:32:00Z",
  "published": "2026-04-28T12:31:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41603"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:14885"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:21769"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:22347"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:22423"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:23345"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:24539"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:36882"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-41603"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2463411"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41603.json"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/04/28/7"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-GW55-JM4H-X339

Vulnerability from github – Published: 2020-05-08 18:54 – Updated: 2021-10-08 19:56
VLAI
Summary
Improper Validation of Certificate with Host Mismatch in Java-WebSocket
Details

The Java-WebSocket Client does not perform hostname verification.

  • This means that SSL certificates of other hosts are accepted as long as they are trusted. To exploit this vulnerability an attacker has to perform a man-in-the-middle (MITM) attack between a Java application using the Java-WebSocket Client and an WebSocket server it's connecting to.
  • TLS normally protects users and systems against MITM attacks, it cannot if certificates from other trusted hosts are accepted by the client.

For more information see: CWE-297: Improper Validation of Certificate with Host Mismatch - https://cwe.mitre.org/data/definitions/297.html

Important note

The OWASP Dependency-Check (https://jeremylong.github.io/DependencyCheck/index.html) may report that a dependency of your project is affected by this security vulnerability, but you don't use this lib. This is caused by the fuzzy search in the OWASP implementation. Check out this issue (https://github.com/TooTallNate/Java-WebSocket/issues/1019#issuecomment-628507934) for more information and a way to suppress the warning.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.4.1"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.java-websocket:Java-WebSocket"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.5.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-11050"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-05-08T18:54:10Z",
    "nvd_published_at": "2020-05-07T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Java-WebSocket Client does not perform hostname verification.\n\n - This means that SSL certificates of other hosts are accepted as long as they are trusted. To exploit this vulnerability an attacker has to perform a man-in-the-middle (MITM) attack between a Java application using the Java-WebSocket Client and an WebSocket server it\u0027s connecting to.\n - TLS normally protects users and systems against MITM attacks, it cannot if certificates from other trusted hosts are accepted by the client.\n\nFor more information see: CWE-297: Improper Validation of Certificate with Host Mismatch - https://cwe.mitre.org/data/definitions/297.html\n\n## Important note\n\nThe OWASP Dependency-Check (https://jeremylong.github.io/DependencyCheck/index.html) may report that a dependency of your project is affected by this security vulnerability, but you don\u0027t use this lib.\nThis is caused by the fuzzy search in the OWASP implementation.\nCheck out this issue (https://github.com/TooTallNate/Java-WebSocket/issues/1019#issuecomment-628507934) for more information and a way to suppress the warning.",
  "id": "GHSA-gw55-jm4h-x339",
  "modified": "2021-10-08T19:56:49Z",
  "published": "2020-05-08T18:54:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/TooTallNate/Java-WebSocket/security/advisories/GHSA-gw55-jm4h-x339"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11050"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/TooTallNate/Java-WebSocket"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Validation of Certificate with Host Mismatch in Java-WebSocket"
}

GHSA-H83P-72JV-G7VP

Vulnerability from github – Published: 2024-08-31 00:31 – Updated: 2024-11-13 18:52
VLAI
Summary
Missing hostname validation in Kroxylicious
Details

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.kroxylicious:kroxylicious-runtime"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-8285"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-09-03T20:17:06Z",
    "nvd_published_at": "2024-08-30T22:15:06Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server\u0027s hostname, resulting in an insecure connection. For a successful attack to be performed, the attacker needs to perform a Man-in-the-Middle attack or compromise any external systems, such as DNS or network routing configuration. This issue is considered a high complexity attack, with additional high privileges required, as the attack would need access to the Kroxylicious configuration or a peer system. The result of a successful attack impacts both data integrity and confidentiality.",
  "id": "GHSA-h83p-72jv-g7vp",
  "modified": "2024-11-13T18:52:35Z",
  "published": "2024-08-31T00:31:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8285"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kroxylicious/kroxylicious/commit/8be1efcb0a2160fa3ad4cb0e5a27e60160774dce"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2024:9571"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2024-8285"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308606"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kroxylicious/kroxylicious"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Missing hostname validation in Kroxylicious"
}

GHSA-H8VM-65GC-GW46

Vulnerability from github – Published: 2024-09-25 03:30 – Updated: 2024-09-25 03:30
VLAI
Details

IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-38324"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-25T01:15:40Z",
    "severity": "MODERATE"
  },
  "details": "IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system.",
  "id": "GHSA-h8vm-65gc-gw46",
  "modified": "2024-09-25T03:30:35Z",
  "published": "2024-09-25T03:30:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38324"
    },
    {
      "type": "WEB",
      "url": "https://www.ibm.com/support/pages/node/7168640"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HW58-3793-42GG

Vulnerability from github – Published: 2025-04-30 17:24 – Updated: 2025-08-07 15:47
VLAI
Summary
Keycloak hostname verification
Details

A flaw was found in Keycloak. By setting a verification policy to 'ANY', the trust store certificate verification is skipped, which is unintended.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.keycloak:keycloak-services"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.2.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-3501"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-04-30T17:24:21Z",
    "nvd_published_at": null,
    "severity": "HIGH"
  },
  "details": "A flaw was found in Keycloak. By setting a verification policy to \u0027ANY\u0027, the trust store certificate verification is skipped, which is unintended.",
  "id": "GHSA-hw58-3793-42gg",
  "modified": "2025-08-07T15:47:35Z",
  "published": "2025-04-30T17:24:21Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/security/advisories/GHSA-hw58-3793-42gg"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3501"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/issues/39350"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/pull/39366"
    },
    {
      "type": "WEB",
      "url": "https://github.com/keycloak/keycloak/commit/99ca24c832729075e04d8bc58666089268314272"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:4335"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:4336"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-3501"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358834"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/keycloak/keycloak"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Keycloak hostname verification"
}

GHSA-JW9P-3GC4-84RW

Vulnerability from github – Published: 2024-09-03 15:30 – Updated: 2024-09-05 15:33
VLAI
Details

Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.  This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security.  The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-7346"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287",
      "CWE-297"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-03T15:15:16Z",
    "severity": "HIGH"
  },
  "details": "Host name validation for TLS certificates is bypassed when the installed OpenEdge default certificates are used to perform the TLS handshake for a networked connection.\u00a0 This has been corrected so that default certificates are no longer capable of overriding host name validation and will need to be replaced where full TLS certificate validation is needed for network security.\u00a0 The existing certificates should be replaced with CA-signed certificates from a recognized certificate authority that contain the necessary information to support host name validation.",
  "id": "GHSA-jw9p-3gc4-84rw",
  "modified": "2024-09-05T15:33:34Z",
  "published": "2024-09-03T15:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7346"
    },
    {
      "type": "WEB",
      "url": "https://community.progress.com/s/article/Client-connections-using-default-TLS-certificates-from-OpenEdge-may-bypass-TLS-host-name-validation"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PX2C-R924-MWCC

Vulnerability from github – Published: 2025-06-18 15:31 – Updated: 2025-06-18 19:42
VLAI
Summary
Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates
Details

The Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c 3.7.1"
      },
      "package": {
        "ecosystem": "NuGet",
        "name": "CouchbaseNetClient"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-49015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-06-18T19:42:25Z",
    "nvd_published_at": "2025-06-18T14:15:44Z",
    "severity": "MODERATE"
  },
  "details": "The Couchbase .NET SDK (client library) before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default.",
  "id": "GHSA-px2c-r924-mwcc",
  "modified": "2025-06-18T19:42:25Z",
  "published": "2025-06-18T15:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49015"
    },
    {
      "type": "WEB",
      "url": "https://github.com/couchbase/couchbase-net-client/commit/04d1679b2178f922036be6e595b3d91f972c5ba3"
    },
    {
      "type": "WEB",
      "url": "https://docs.couchbase.com/server/current/release-notes/relnotes.html"
    },
    {
      "type": "WEB",
      "url": "https://forums.couchbase.com/tags/security"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/couchbase/couchbase-net-client"
    },
    {
      "type": "WEB",
      "url": "https://www.couchbase.com/alerts"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Couchbase .NET SDK (client library) does not properly enable hostname verification for TLS certificates"
}

GHSA-PXP5-G66H-WPV2

Vulnerability from github – Published: 2022-09-22 00:00 – Updated: 2022-12-06 19:54
VLAI
Summary
Missing hostname validation in Jenkins View26 Test-Reporting Plugin
Details

Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:view26"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.7"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-41244"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-09-23T13:30:36Z",
    "nvd_published_at": "2022-09-21T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins View26 Test-Reporting Plugin 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server that could be abused using a man-in-the-middle attack to intercept these connections.",
  "id": "GHSA-pxp5-g66h-wpv2",
  "modified": "2022-12-06T19:54:53Z",
  "published": "2022-09-22T00:00:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41244"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/view26-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-2069"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Missing hostname validation in Jenkins View26 Test-Reporting Plugin"
}

GHSA-R4MC-2XRG-97HV

Vulnerability from github – Published: 2023-09-01 12:30 – Updated: 2024-04-04 07:21
VLAI
Details

An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-22305"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-295",
      "CWE-297"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-01T12:15:08Z",
    "severity": "MODERATE"
  },
  "details": "An improper certificate validation vulnerability [CWE-295] in\u00a0FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to\u00a0man-in-the-middle the communication between the listed products and some external peers.",
  "id": "GHSA-r4mc-2xrg-97hv",
  "modified": "2024-04-04T07:21:33Z",
  "published": "2023-09-01T12:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22305"
    },
    {
      "type": "WEB",
      "url": "https://fortiguard.com/psirt/FG-IR-18-292"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-R53V-VM87-F72C

Vulnerability from github – Published: 2018-10-16 20:50 – Updated: 2024-03-01 20:29
VLAI
Summary
Improper Validation of Certificates in apache axis
Details

The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.axis:axis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "axis:axis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2014-3596"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-297"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:53:43Z",
    "nvd_published_at": "2014-08-27T00:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The getCN function in Apache Axis 1.4 and earlier does not properly verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field.  NOTE: this issue exists because of an incomplete fix for CVE-2012-5784.",
  "id": "GHSA-r53v-vm87-f72c",
  "modified": "2024-03-01T20:29:59Z",
  "published": "2018-10-16T20:50:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3596"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2020.html"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200227173427/http://www.securityfocus.com/bid/69295"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20160815194947/http://www.securitytracker.com/id/1030745"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c@%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/de2af12dcaba653d02b03235327ca4aa930401813a3cced8e151d29c%40%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/a308887782e05da7cf692e4851ae2bd429a038570cbf594e6631cc8d@%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/a308887782e05da7cf692e4851ae2bd429a038570cbf594e6631cc8d%40%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8aa25c99eeb0693fc229ec87d1423b5ed5d58558618706d8aba1d832@%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/8aa25c99eeb0693fc229ec87d1423b5ed5d58558618706d8aba1d832%40%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5e6c92145deddcecf70c3604041dcbd615efa2d37632fc2b9c367780@%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5e6c92145deddcecf70c3604041dcbd615efa2d37632fc2b9c367780%40%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5@%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/44d4e88a5fa8ae60deb752029afe9054da87c5f859caf296fcf585e5%40%3Cjava-dev.axis.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://issues.apache.org/jira/browse/AXIS-2905"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95377"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1129935"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2014-3596"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2015:1010"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2014:1193"
    },
    {
      "type": "WEB",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1193.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00007.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00022.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1193.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2014/08/20/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "Improper Validation of Certificates in apache axis"
}

Mitigation
Architecture and Design

Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.

Mitigation
Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

No CAPEC attack patterns related to this CWE.