Insecure WebView Implementation: SSL Certificate Validation Bypass
Description
The app's WebViewClient accepts SSL/TLS certificates that failed validation: its onReceivedSslError override calls handler.proceed() instead of cancelling the request, so untrusted, expired, hostname-mismatched or not-yet-valid certificates are accepted. This allows a Man-in-the-Middle (MitM) attack, where an attacker presenting a spoofed certificate intercepts and manipulates communication between the app and the server.
Examples
Insecure Code
```java
$RET onReceivedSslError(WebView $W, SslErrorHandler $H, SslError $E) {
...
$H.proceed();
}
```
Secure Code
```java
import android.net.http.SslError;
import android.webkit.SslErrorHandler;
import android.webkit.WebView;
import android.webkit.WebViewClient;

public class MyWebViewClient extends WebViewClient {
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        // Check the SSL error type
        switch (error.getPrimaryError()) {
            case SslError.SSL_UNTRUSTED:
                // Certificate is untrusted (does not chain to a trusted root)
                // Handle the error appropriately, such as showing an error message
                break;
            case SslError.SSL_EXPIRED:
                // Certificate has expired
                // Handle the error appropriately
                break;
            case SslError.SSL_IDMISMATCH:
                // Certificate hostname mismatch
                // Handle the error appropriately
                break;
            case SslError.SSL_NOTYETVALID:
                // Certificate is not yet valid
                // Handle the error appropriately
                break;
            default:
                // Any other error (e.g. SSL_DATE_INVALID, SSL_INVALID) is treated the same way
                break;
        }
        // Cancel the connection regardless of the error type
        // This prevents the WebView from loading the content
        handler.cancel();
    }
}
```
Remediation
Handle SSL errors by cancelling the request with handler.cancel(). Never call handler.proceed() from onReceivedSslError: that callback only runs when certificate validation has already failed, so proceeding means accepting an invalid or untrusted certificate.
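The rule pattern above (onReceivedSslError with a call to $H.proceed() on the SslErrorHandler parameter) can be checked over a Java code base before the scanner runs. The script below is an added example, not the CODE-0623 rule's own implementation: it binds the name of the SslErrorHandler parameter, extracts the method body by brace matching, strips comments, and reports any call to <that name>.proceed(). It is regex-based rather than a real Java parser, so it assumes the standard three-parameter signature and should be read as a triage aid; the two sample classes are constructed for this example.

```python
"""Added example (not the CODE-0623 rule's own implementation): flag
onReceivedSslError overrides whose body calls SslErrorHandler.proceed().
Regex-based, not a Java parser; samples below are constructed."""
import re
import sys

# Method header; group 1 is the name bound to the SslErrorHandler parameter.
METHOD_RE = re.compile(
    r"onReceivedSslError\s*\(\s*[\w.]+\s+\w+\s*,\s*"
    r"SslErrorHandler\s+(\w+)\s*,\s*[\w.]+\s+\w+\s*\)\s*\{"
)
# Line and block comments, removed from the body so a commented-out
# proceed() call is not reported.
COMMENT_RE = re.compile(r"//[^\n]*|/\*.*?\*/", re.DOTALL)


def _method_body(src, open_brace):
    """Text between the brace at index open_brace and its matching close."""
    depth = 0
    for i in range(open_brace, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[open_brace + 1:i]
    return src[open_brace + 1:]  # unbalanced braces: take the rest


def find_insecure_ssl_handlers(java_source):
    """Return [(line_number, handler_param)] for every onReceivedSslError
    whose (comment-stripped) body calls <handler_param>.proceed()."""
    findings = []
    for m in METHOD_RE.finditer(java_source):
        handler = m.group(1)
        body = COMMENT_RE.sub("", _method_body(java_source, m.end() - 1))
        if re.search(r"\b%s\s*\.\s*proceed\s*\(" % re.escape(handler), body):
            line = java_source.count("\n", 0, m.start()) + 1
            findings.append((line, handler))
    return findings


# Constructed samples: one vulnerable client, one that cancels correctly.
INSECURE_SAMPLE = """\
public class BadClient extends WebViewClient {
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        handler.proceed();  // accepts any certificate: MitM possible
    }
}
"""

SECURE_SAMPLE = """\
public class GoodClient extends WebViewClient {
    @Override
    public void onReceivedSslError(WebView view, SslErrorHandler h, SslError error) {
        // h.proceed();  -- commented out, must not be reported
        if (error.getPrimaryError() == SslError.SSL_EXPIRED) {
            Log.w("SSL", "expired certificate for " + error.getUrl());
        }
        h.cancel();
    }
}
"""

if __name__ == "__main__":
    # Usage: python detect_ssl_bypass.py File1.java File2.java ...
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as f:
            for line, handler in find_insecure_ssl_handlers(f.read()):
                print("%s:%d: onReceivedSslError calls %s.proceed()" % (path, line, handler))
```

Run it over the constructed samples and only BadClient is reported (line 3, parameter "handler"); GoodClient is clean because its proceed() call is inside a comment and its live code calls h.cancel(). Findings are candidates for review, not proof: a proceed() reached only through an explicit user-confirmation dialog still matches, and a call routed through a helper method does not.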
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0623 |
| Category | Web |
| Severity | MEDIUM |
| CWE | CWE-295 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | SSL, TLS, Certificate Validation |
| OWASP | A3:2017-Sensitive Data Exposure, A02:2021-Cryptographic Failures |