CWE-298
Improper Validation of Certificate Expiration
A certificate expiration is not validated or is incorrectly validated.
Status: draft
Abstraction: variant
Likelihood: low
Common Consequences: integrity, other, authentication
Impacts: other
Potential Mitigations
Phases: architecture and design, implementation
Descriptions:
• If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the expiration.
• Check for expired certificates and provide the user with adequate information about the nature of the problem and how to proceed.
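
One way to apply both mitigations, as an added example that is not part of the CWE entry: the certificate's validity window is checked before a pin is stored, and a failed check returns a message that tells the user what is wrong and what to do. It goes one step beyond the text by repeating the check whenever a pinned certificate is presented again. Assumptions: the function names, the SHA-256-of-DER pin format and the sample data are hypothetical, and cert_info is a dict in the form returned by Python's ssl.SSLSocket.getpeercert().

```python
import hashlib
import ssl
import time

# Constructed sample data: placeholder DER bytes and a getpeercert()-style dict.
SAMPLE_DER = b"constructed-placeholder-not-a-real-certificate"
SAMPLE_INFO = {"notBefore": "Jan  1 00:00:00 2024 GMT",
               "notAfter": "Jan  1 00:00:00 2025 GMT"}

def validity_problem(cert_info, now=None):
    """Return None if `now` is inside the validity window, else a user-facing message."""
    now = time.time() if now is None else now
    try:
        not_before = ssl.cert_time_to_seconds(cert_info["notBefore"])
        not_after = ssl.cert_time_to_seconds(cert_info["notAfter"])
    except (KeyError, TypeError, ValueError):
        # getpeercert() returns {} for an unvalidated certificate: fail closed.
        return "The certificate's validity dates could not be read, so it was not trusted."
    if now < not_before:
        return (f"The certificate is not valid until {cert_info['notBefore']}. "
                "Check that this device's clock is correct.")
    if now > not_after:
        return (f"The certificate expired on {cert_info['notAfter']}. "
                "The connection was refused; the server operator must renew it.")
    return None

def pin_if_valid(pins, host, der, cert_info, now=None):
    """Store a SHA-256 pin for `host` only after the expiration check passes."""
    problem = validity_problem(cert_info, now)
    if problem:
        return False, problem
    pins[host] = hashlib.sha256(der).hexdigest()
    return True, "pinned"

def check_pinned(pins, host, der, cert_info, now=None):
    """A matching pin does not exempt the certificate from the expiration check."""
    if pins.get(host) != hashlib.sha256(der).hexdigest():
        return False, "The certificate does not match the pinned one."
    problem = validity_problem(cert_info, now)
    return problem is None, problem or "ok"
```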