CWE-593
Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
Draft
2006-12-15
00h00 +00:00
00h00 +00:00
2023-06-29
00h00 +00:00
00h00 +00:00
Notifications for a CWE
Stay informed of any changes for a specific CWE.
Name: Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
The product modifies the SSL context after connection creation has begun.
CWE Description
If the program modifies the SSL_CTX object after creating SSL objects from it, there is the possibility that older SSL objects created from the original context could all be affected by that change.
General Informations
Modes Of Introduction
Implementation : REALIZATION: This weakness is caused during implementation of an architectural security tactic.Common Consequences
| Scope | Impact | Likelihood |
|---|---|---|
| Access Control | Bypass Protection Mechanism Note: No authentication takes place in this process, bypassing an assumed protection of encryption. | |
| Confidentiality | Read Application Data Note: The encrypted communication between a user and a trusted host may be subject to a sniffing attack. |
Potential Mitigations
Phases : Architecture and DesignUse a language or a library that provides a cryptography framework at a higher level of abstraction.
Phases : Implementation
Most SSL_CTX functions have SSL counterparts that act on SSL-type objects.
Phases : Implementation
Applications should set up an SSL_CTX completely, before creating SSL objects from it.
Vulnerability Mapping Notes
Justification : This CWE entry is at the Variant level of abstraction, which is a preferred level of abstraction for mapping to the root causes of vulnerabilities.Comment : Carefully read both the name and description to ensure that this mapping is an appropriate fit. Do not try to 'force' a mapping to a lower-level Base/Variant simply to comply with this preferred level of abstraction.
Related Attack Patterns
| CAPEC-ID | Attack Pattern Name |
|---|---|
| CAPEC-94 | Adversary in the Middle (AiTM) An adversary targets the communication between two components (typically client and server), in order to alter or obtain data from transactions. A general approach entails the adversary placing themself within the communication channel between the two components. |
Submission
| Name | Organization | Date | Date release | Version |
|---|---|---|---|---|
| CWE Community | Draft 5 |
Modifications
| Name | Organization | Date | Comment |
|---|---|---|---|
| Eric Dalci | Cigital | updated Time_of_Introduction | |
| CWE Content Team | MITRE | updated Common_Consequences, Relationships, Other_Notes | |
| CWE Content Team | MITRE | updated Description, Other_Notes, Potential_Mitigations | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Common_Consequences | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Potential_Mitigations, Relationships | |
| CWE Content Team | MITRE | updated Demonstrative_Examples, Modes_of_Introduction, Relationships | |
| CWE Content Team | MITRE | updated Common_Consequences, Relationships | |
| CWE Content Team | MITRE | updated Relationships | |
| CWE Content Team | MITRE | updated Description | |
| CWE Content Team | MITRE | updated Relationships, Time_of_Introduction | |
| CWE Content Team | MITRE | updated Mapping_Notes |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.