Description
The product uses OpenSSL and trusts or uses a certificate without using the SSL_get_verify_result() function to ensure that the certificate satisfies all necessary security requirements.
Potential Impact
Confidentiality: Read Application Data
Access Control: Bypass Protection Mechanism, Gain Privileges or Assume Identity
Access Control: Gain Privileges or Assume Identity
Demonstrative Examples
if (cert = SSL_get_peer_certificate(ssl)) {
    // got certificate, host can be trusted
    //foo=SSL_get_verify_result(ssl);
    //if (X509_V_OK==foo) ...
}
Mitigations & Prevention
Ensure that proper authentication is included in the system design.
Understand and properly implement all checks necessary to ensure the identity of entities involved in encrypted communications.
Frequently Asked Questions
What is CWE-599?
CWE-599 (Missing Validation of OpenSSL Certificate) is a software weakness identified by MITRE's Common Weakness Enumeration. It is classified as a Variant-level weakness. The product uses OpenSSL and trusts or uses a certificate without using the SSL_get_verify_result() function to ensure that the certificate satisfies all necessary security requirements.
How can CWE-599 be exploited?
Attackers can exploit CWE-599 (Missing Validation of OpenSSL Certificate) to read application data. This weakness is typically introduced during the Implementation phase of software development.
How do I prevent CWE-599?
Key mitigations include ensuring that proper authentication is included in the system design.
What is the severity of CWE-599?
CWE-599 is classified as a Variant-level weakness (Low-Medium abstraction). Its actual severity depends on the specific context and how the weakness manifests in your application.