CWE-298

Improper Validation of Certificate Expiration

A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age.

Status
draft
Abstraction
variant
Likelihood
low

When a certificate's expiration is not taken into account, the certificate does not necessarily convey any trust: its validity cannot be verified, so all benefit of the certificate is lost.

Common Consequences

Scopes:
integrity; other; authentication
Impacts:
other

Potential Mitigations

Phases:
architecture and design; implementation
Descriptions:
• If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the expiration.
• Check for expired certificates and provide the user with adequate information about the nature of the problem and how to proceed.
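An added example, not part of the CWE entry: a pin check that ignores the validity window (the CWE-298 pattern) beside one that rejects expired or not-yet-valid certificates before the pin is consulted and reports why. The certificate dict and fingerprints are constructed and use the field layout returned by Python's ssl.SSLSocket.getpeercert(), so the standard-library ssl.cert_time_to_seconds parser applies.

```python
import ssl

# Constructed sample in the layout of ssl.SSLSocket.getpeercert(); only the
# fields this example uses are present. The fingerprint values below are
# placeholders, not real certificate hashes.
SAMPLE_CERT = {
    "subject": ((("commonName", "example.test"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Dec 31 23:59:59 2024 GMT",
}


def weak_pin_check(cert, pinned_fingerprint, presented_fingerprint):
    """CWE-298 pattern: trust is decided on the pin alone; the validity
    window is never consulted, so an expired certificate is still accepted."""
    return presented_fingerprint == pinned_fingerprint


def check_expiration(cert, now_epoch):
    """Return None when `now_epoch` (seconds since the Unix epoch, UTC) lies
    inside the certificate's validity window, else a reason string suitable
    for telling the user what is wrong. Both bounds are checked: a
    certificate presented before notBefore is as untrustworthy as one
    presented after notAfter."""
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now_epoch < not_before:
        return f"certificate not yet valid (notBefore {cert['notBefore']})"
    if now_epoch > not_after:
        return f"certificate expired (notAfter {cert['notAfter']})"
    return None


def hardened_pin_check(cert, pinned_fingerprint, presented_fingerprint, now_epoch):
    """Validate the certificate's properties, expiration included, before the
    pin is trusted. Returns (accepted, reason)."""
    problem = check_expiration(cert, now_epoch)
    if problem is not None:
        return False, problem
    if presented_fingerprint != pinned_fingerprint:
        return False, "presented certificate does not match the pinned fingerprint"
    return True, "certificate within validity period and matches pin"
```

Pass the epoch time from a trusted clock (for example `time.time()`) as `now_epoch`; a caller that hard-codes or caches the time reintroduces the weakness.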