Category: Identify Actors
Draft
Summary
Weaknesses in this category are related to the design and architecture of a system's identification management components. Frequently these deal with verifying that external agents provide inputs into the system. The weaknesses in this category could lead to a degradation of the quality of identification management if they are not addressed when designing or implementing a secure architecture.
Membership
| ID | Name | Description |
|---|---|---|
| CWE-295 | Improper Certificate Validation | This vulnerability occurs when an application fails to properly verify the authenticity of a digital certificate, or performs the verification incorrectly, allowing untrusted connections to appear legitimate. |
| CWE-296 | Improper Following of a Certificate's Chain of Trust | This vulnerability occurs when software fails to properly validate the entire certificate chain back to a trusted root authority. This mistake can cause the system to incorrectly trust a certificate and the resource it represents, creating a security gap. |
| CWE-297 | Improper Validation of Certificate with Host Mismatch | This vulnerability occurs when an application accepts a valid SSL/TLS certificate without properly verifying that it actually belongs to the specific host it's connecting to. Even a correctly signed certificate from a trusted authority can be misused if the hostname check is missing or flawed. |
| CWE-298 | Improper Validation of Certificate Expiration | This vulnerability occurs when an application fails to properly check if a digital certificate has expired, potentially trusting certificates that are no longer valid due to their age. |
| CWE-299 | Improper Check for Certificate Revocation | This vulnerability occurs when an application fails to properly verify whether a security certificate has been revoked, potentially allowing it to accept and use a compromised or untrustworthy certificate. |
| CWE-345 | Insufficient Verification of Data Authenticity | This vulnerability occurs when an application fails to properly check where data comes from or confirm its legitimacy, allowing untrusted or forged information to be processed as valid. |
| CWE-346 | Origin Validation Error | This vulnerability occurs when an application fails to properly confirm the true origin of incoming data or communication, allowing attackers to spoof their source. |
| CWE-370 | Missing Check for Certificate Revocation after Initial Check | This vulnerability occurs when software only verifies a certificate's revocation status once, then continues to trust it for subsequent privileged actions without re-checking. This allows operations to proceed even if the certificate is revoked later. |
| CWE-441 | Unintended Proxy or Intermediary ('Confused Deputy') | A confused deputy vulnerability occurs when a system receives a request from a client and forwards it to an external destination without properly identifying the original source. This makes the system appear to be the originator of the request, effectively turning it into an unintended proxy for the client. |
| CWE-599 | Missing Validation of OpenSSL Certificate | This vulnerability occurs when an application uses OpenSSL but fails to properly verify server certificates by not calling SSL_get_verify_result(). Without this validation, the application may accept insecure or fraudulent certificates. |
| CWE-940 | Improper Verification of Source of a Communication Channel | This vulnerability occurs when an application accepts incoming communication requests without properly checking where they originate from, allowing potentially malicious sources to establish a connection. |
| CWE-941 | Incorrectly Specified Destination in a Communication Channel | This vulnerability occurs when an application establishes an outgoing communication channel but fails to correctly define or enforce the intended recipient. This misdirection can allow data to be sent to an untrusted or malicious destination. |
| CWE-1008 | Architectural Concepts | This view organizes weaknesses according to common architectural security tactics. It is intended to assist architects in identifying potential mistakes that can be made when designing software. |
Vulnerability Mapping Notes
Usage: Prohibited
Reasons: Category
Rationale:
This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves.
Comment:
See member weaknesses of this category.