Improper Certificate Validation
Description
The `X509TrustManager` has been configured to return null, effectively disabling the validation of server or client certificates. This could allow an adversary to launch a Man-in-the-Middle (MITM) attack, intercepting potentially sensitive information or injecting malicious content into the communication stream.
Examples
Insecure Code
```java
// Empty body: every client certificate is accepted without any validation
public void checkClientTrusted(X509Certificate[] chain, String authType) {}
```

Secure Code

```java
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); // platform default (PKIX)
trustManagerFactory.init((KeyStore) null); // null KeyStore selects the JVM's default trust store (cacerts)
SSLContext tlsContext = SSLContext.getInstance("TLS");
tlsContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
```

Remediation
Use the default `TrustManager` instead of implementing a custom one. If a custom implementation is necessary, properly implement `checkServerTrusted` and `checkClientTrusted` by throwing a `CertificateException` for invalid certificates.
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0702 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-295 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | certificate validation, MITM attack |
| OWASP | A6:2017-Security Misconfiguration, A05:2021-Security Misconfiguration |