Insecure digital certificates - Chain of trust
Description
Due to improper implementation of the TrustManager checkServerTrusted method, methods are created that do not throw a certificate exception when invalid certificates are detected. Thanks to this it is possible to accept any incoming certificate and materialize Man in The Middle attacks.
Impact
Execute Man-in-the-middle attacks.
Recommendation
Define a processing logic for invalid certificates that includes rejecting the connection to such certificates and storing the technical details of the event in logs.
Threat
Unauthorized attacker from intranet
Expected Remediation Time
⏱️ 45 minutes.
Requirements
088 - Request client certificates089 - Limit validity of certificates090 - Use valid certificates091 - Use internally signed certificates092 - Use externally signed certificates093 - Use consistent certificatesFixes
Score
Default score using CVSS 4.0. It may change depending on the context of the src.
Base 4.0
Attack vector
A
Attack complexity
H
Attack requirements
N
Privileges required
N
User interaction
A
Confidentiality (VC)
N
Integrity (VI)
L
Availability (VA)
N
Confidentiality (SC)
N
Integrity (SI)
N
Availability (SA)
N
Threat 4.0
Exploit maturity
P
Vector string
CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P