Description
The software communicates with a host that provides a certificate, but the software does not properly ensure that the certificate is actually associated with that host.
Modes of Introduction:
– Architecture and Design
Likelihood of Exploit: High
Related Weaknesses
Consequences
Access Control: Gain Privileges or Assume Identity
The data read from the system vouched for by the certificate may not be from the expected system.
Authentication, Other: Other
Trust afforded to the system in question – based on the malicious certificate – may allow for spoofing or redirection attacks.
Potential Mitigations
Phase: Architecture and Design
Description:
Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.
Phase: Implementation
Description:
If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.
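The following is an added example, not code from CWE or from any product referenced on this page. It shows what "fully check the hostname" means in practice: a strict matcher for the certificate's subjectAltName (dNSName and IP address entries, wildcard allowed only as the whole leftmost label), the unescaped regular-expression matcher it replaces, which over-accepts hostnames in the way the incorrect-regex reference below describes, and the `ssl` client setting that disables the check. The certificates are constructed dicts in the shape returned by `ssl.SSLSocket.getpeercert()`, not real certificates; `192.0.2.10` and `example.com` are documentation values.

```python
"""Hostname verification against a TLS peer certificate (added example)."""
import ipaddress
import re
import ssl


def dns_name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate dNSName against a hostname, case-insensitively.

    A wildcard is accepted only as the whole leftmost label and only when at
    least two labels follow it, so '*' never matches more than one label and
    never stands in for a registrable domain such as 'example.com'.
    """
    pattern = pattern.rstrip(".").lower()
    hostname = hostname.rstrip(".").lower()
    if "*" not in pattern:
        return pattern == hostname          # dots are literal, no regex involved
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False                        # e.g. 'w*.example.com' or '*.com'
    if any("*" in label for label in p_labels[1:]):
        return False                        # one wildcard only, leftmost only
    if len(p_labels) != len(h_labels) or not h_labels[0]:
        return False                        # '*' covers exactly one non-empty label
    return p_labels[1:] == h_labels[1:]


def match_hostname(cert: dict, hostname: str) -> bool:
    """Return True if `hostname` is bound to `cert` via its subjectAltName.

    IP-address hostnames are compared only with 'IP Address' entries and DNS
    names only with 'DNS' entries; the subject commonName is ignored, as
    current TLS clients do.  A certificate with no subjectAltName binds to
    no host and is rejected.
    """
    san = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(hostname.strip("[]"))
    except ValueError:
        ip = None
    if ip is not None:
        return any(kind == "IP Address" and ipaddress.ip_address(value) == ip
                   for kind, value in san)
    return any(kind == "DNS" and dns_name_matches(value, hostname)
               for kind, value in san)


def naive_regex_match(pattern: str, hostname: str) -> bool:
    """The flawed matcher this weakness warns about, kept here for contrast.

    '.' is left unescaped (it matches any character) and '*' becomes '.*'
    (it matches across label boundaries); both over-accept hostnames.
    """
    return re.fullmatch(pattern.replace("*", ".*"), hostname) is not None


def make_client_context(verify_hostname: bool = True) -> ssl.SSLContext:
    """Client context; check_hostname=False is the weak setting.

    With it disabled the chain is still verified, but the peer's identity is
    never compared with the host the client meant to reach.
    """
    ctx = ssl.create_default_context()   # CERT_REQUIRED, system trust store
    ctx.check_hostname = verify_hostname
    return ctx


# Constructed sample certificates (getpeercert() dict shape), not real ones.
WILDCARD_CERT = {
    "subject": ((("commonName", "*.example.com"),),),
    "subjectAltName": (("DNS", "*.example.com"), ("DNS", "example.com")),
}
IP_CERT = {
    "subject": ((("commonName", "api.internal.example"),),),
    "subjectAltName": (("DNS", "api.internal.example"), ("IP Address", "192.0.2.10")),
}

if __name__ == "__main__":
    # Only the first host is a legitimate match; the naive matcher accepts all three.
    for host in ("www.example.com", "a.b.example.com", "wwwXexample.com"):
        print(host, "strict:", match_hostname(WILDCARD_CERT, host),
              "naive:", naive_regex_match("*.example.com", host))
```

Run stand-alone, the script prints the strict and naive verdicts side by side for a legitimate host, a multi-label host and a host where a dot was replaced by another character; only the strict matcher rejects the last two. In a real client the same effect is obtained by leaving `check_hostname` at its default of `True` on the context returned by `ssl.create_default_context()`, so the library performs this comparison during the handshake.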
CVE References
- CVE-2012-5810: Mobile banking application does not verify hostname, leading to financial loss.
- CVE-2012-5811: Mobile application for printing documents does not verify hostname, allowing attackers to read sensitive documents.
- CVE-2012-5807: Software for electronic checking does not verify hostname, leading to financial loss.
- CVE-2012-3446: Cloud-support library written in Python uses incorrect regular expression when matching hostname.
- CVE-2009-2408: Web browser does not correctly handle ‘