logo

CWE-298 - Improper Validation of Certificate Expiration

CWE-298 Low

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Draft
Weakness Name

Improper Validation of Certificate Expiration

Description

A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age.

When the expiration of a certificate is not taken into account, no trust has necessarily been conveyed through it. Therefore, the validity of the certificate cannot be verified and all benefit of the certificate is lost.

Common Consequences

Scope: Integrity, Other

Impact: Other

Notes: The data read from the system vouched for by the expired certificate may be flawed due to malicious spoofing.

Scope: Authentication, Other

Impact: Other

Notes: Trust afforded to the system in question - based on the expired certificate - may allow for spoofing attacks.

Related Weaknesses
  • Release Date:
  • 2006-07-19
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website