CWE-297 Detail

CWE-297

Improper Validation of Certificate with Host Mismatch
High
Incomplete
2006-07-19
00h00 +00:00
2023-06-29
00h00 +00:00
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Notifications manage

Name: Improper Validation of Certificate with Host Mismatch

The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.

CWE Description

Even if a certificate is well-formed, signed, and follows the chain of trust, it may simply be a valid certificate for a different site than the site that the product is interacting with. If the certificate's host-specific data is not properly checked - such as the Common Name (CN) in the Subject or the Subject Alternative Name (SAN) extension of an X.509 certificate - it may be possible for a redirection or spoofing attack to allow a malicious host with a valid certificate to provide data, impersonating a trusted host. In order to ensure data integrity, the certificate must be valid and it must pertain to the site that is being accessed.

Even if the product attempts to check the hostname, it is still possible to incorrectly check the hostname. For example, attackers could create a certificate with a name that begins with a trusted name followed by a NUL byte, which could cause some string-based comparisons to only examine the portion that contains the trusted name.

This weakness can occur even when the product uses Certificate Pinning, if the product does not verify the hostname at the time a certificate is pinned.

General Informations

Modes Of Introduction

Implementation : When the product uses certificate pinning, the developer might not properly validate all relevant components of the certificate before pinning the certificate. This can make it difficult or expensive to test after the pinning is complete.
Implementation : REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Applicable Platforms

Language

Class: Not Language-Specific (Undetermined)

Technologies

Class: Mobile (Undetermined)
Class: Not Technology-Specific (Undetermined)

Common Consequences

Scope Impact Likelihood
Access ControlGain Privileges or Assume Identity

Note: The data read from the system vouched for by the certificate may not be from the expected system.
Authentication
Other
Other

Note: Trust afforded to the system in question - based on the malicious certificate - may allow for spoofing or redirection attacks.

Observed Examples

References Description

CVE-2012-5810

Mobile banking application does not verify hostname, leading to financial loss.

CVE-2012-5811

Mobile application for printing documents does not verify hostname, allowing attackers to read sensitive documents.

CVE-2012-5807

Software for electronic checking does not verify hostname, leading to financial loss.

CVE-2012-3446

Cloud-support library written in Python uses incorrect regular expression when matching hostname.

CVE-2009-2408

Web browser does not correctly handle '\0' character (NUL) in Common Name, allowing spoofing of https sites.

CVE-2012-0867

Database program truncates the Common Name during hostname verification, allowing spoofing.

CVE-2010-2074

Incorrect handling of '\0' character (NUL) in hostname verification allows spoofing.

CVE-2009-4565

Mail server's incorrect handling of '\0' character (NUL) in hostname verification allows spoofing.

CVE-2009-3767

LDAP server's incorrect handling of '\0' character (NUL) in hostname verification allows spoofing.

CVE-2012-5806

Payment processing module does not verify hostname when connecting to PayPal using PHP fsockopen function.

CVE-2012-2993

Smartphone device does not verify hostname, allowing spoofing of mail services.

CVE-2012-5804

E-commerce module does not verify hostname when connecting to payment site.

CVE-2012-5824

Chat application does not validate hostname, leading to loss of privacy.

CVE-2012-5822

Application uses third-party library that does not validate hostname.

CVE-2012-5819

Cloud storage management application does not validate hostname.

CVE-2012-5817

Java library uses JSSE SSLSocket and SSLEngine classes, which do not verify the hostname.

CVE-2012-5784

SOAP platform does not verify the hostname.

CVE-2012-5782

PHP library for payments does not verify the hostname.

CVE-2012-5780

Merchant SDK for payments does not verify the hostname.

CVE-2003-0355

Web browser does not validate Common Name, allowing spoofing of https sites.

Potential Mitigations

Phases : Architecture and Design
Fully check the hostname of the certificate and provide the user with adequate information about the nature of the problem and how to proceed.
Phases : Implementation
If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the hostname.

Detection Methods

Automated Static Analysis

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness : High

Dynamic Analysis with Manual Results Interpretation

Set up an untrusted endpoint (e.g. a server) with which the product will connect. Create a test certificate that uses an invalid hostname but is signed by a trusted CA and provide this certificate from the untrusted endpoint. If the product performs any operations instead of disconnecting and reporting an error, then this indicates that the hostname is not being checked and the test certificate has been accepted.

Black Box

When Certificate Pinning is being used in a mobile application, consider using a tool such as Spinner [REF-955]. This methodology might be extensible to other technologies.

Vulnerability Mapping Notes

Justification : This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.
Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.

References

REF-18

The CLASP Application Security Process
Secure Software, Inc..
https://cwe.mitre.org/documents/sources/TheCLASPApplicationSecurityProcess.pdf

REF-245

The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software
Martin Georgiev, Subodh Iyengar, Suman Jana, Rishita Anubhai, Dan Boneh, Vitaly Shmatikov.
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf

REF-243

Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security
Sascha Fahl, Marian Harbach, Thomas Muders, Matthew Smith, Lars Baumgärtner, Bernd Freisleben.
http://www2.dcsec.uni-hannover.de/files/android/p50-fahl.pdf

REF-249

Secure programming with the OpenSSL API, Part 2: Secure handshake
Kenneth Ballard.
https://developer.ibm.com/tutorials/l-openssl/?mhsrc=ibmsearch_a&mhq=secure%20programming%20with%20the%20openssl%20API

REF-250

An Introduction to OpenSSL Programming (Part I)
Eric Rescorla.
https://www.linuxjournal.com/article/4822

REF-44

24 Deadly Sins of Software Security
Michael Howard, David LeBlanc, John Viega.

REF-955

Spinner: Semi-Automatic Detection of Pinning without Hostname Verification
Chris McMahon Stone, Tom Chothia, Flavio D. Garcia.
http://www.cs.bham.ac.uk/~garciaf/publications/spinner.pdf

Submission

Name Organization Date Date release Version
CLASP 2006-07-19 +00:00 2006-07-19 +00:00 Draft 3

Modifications

Name Organization Date Comment
Eric Dalci Cigital 2008-07-01 +00:00 updated Time_of_Introduction
CWE Content Team MITRE 2008-09-08 +00:00 updated Common_Consequences, Relationships, Other_Notes, Taxonomy_Mappings
CWE Content Team MITRE 2009-03-10 +00:00 updated Description, Name, Relationships
CWE Content Team MITRE 2009-05-27 +00:00 updated Demonstrative_Examples
CWE Content Team MITRE 2009-07-27 +00:00 updated Demonstrative_Examples, Relationships
CWE Content Team MITRE 2010-12-13 +00:00 updated Description, Other_Notes
CWE Content Team MITRE 2011-06-01 +00:00 updated Common_Consequences
CWE Content Team MITRE 2012-05-11 +00:00 updated References, Relationships
CWE Content Team MITRE 2013-02-21 +00:00 updated Applicable_Platforms, Demonstrative_Examples, Description, Name, Observed_Examples, References, Relationships, Type
CWE Content Team MITRE 2013-07-17 +00:00 updated Relationships
CWE Content Team MITRE 2014-07-30 +00:00 updated Relationships
CWE Content Team MITRE 2015-12-07 +00:00 updated Relationships
CWE Content Team MITRE 2017-11-08 +00:00 updated Demonstrative_Examples, Modes_of_Introduction, References, Relationships
CWE Content Team MITRE 2018-01-16 +00:00 Integrated mitigations and detection methods for Certificate Pinning based on feedback from the CWE Researcher List in December 2017.
CWE Content Team MITRE 2018-03-27 +00:00 updated Common_Consequences, Description, Detection_Factors, Modes_of_Introduction, Potential_Mitigations, References, Time_of_Introduction
CWE Content Team MITRE 2019-06-20 +00:00 updated Relationships
CWE Content Team MITRE 2019-09-19 +00:00 updated Demonstrative_Examples
CWE Content Team MITRE 2020-02-24 +00:00 updated Applicable_Platforms, References, Relationships
CWE Content Team MITRE 2021-10-28 +00:00 updated Relationships
CWE Content Team MITRE 2022-10-13 +00:00 updated References
CWE Content Team MITRE 2023-01-31 +00:00 updated Applicable_Platforms, Description, Detection_Factors, Modes_of_Introduction
CWE Content Team MITRE 2023-04-27 +00:00 updated Detection_Factors, References, Relationships, Time_of_Introduction
CWE Content Team MITRE 2023-06-29 +00:00 updated Mapping_Notes