Improper Certificate Validation
Description
A HostnameVerifier that accepts any host is often used because one certificate is reused across many hosts. As a consequence, the client is vulnerable to man-in-the-middle attacks, since it will trust any certificate regardless of which server presents it.
Examples
Insecure Code
```scala
val httpClient = new DefaultHttpClient()
```

Secure Code

```scala
val httpClient = new DefaultHttpClient() { override def createSSLContext = { ... custom implementation ... } }
```

Remediation
Implement a custom HostnameVerifier to validate the hostname of the server against the hostname in the server's certificate.
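The following is an added example (not the rule's own code) of the remediation described above: a custom verifier that accepts a server certificate only when one of its subject alternative dNSName entries matches the requested host, wired into a DefaultHttpClient. It assumes the Apache HttpClient 4.1 to 4.3 API (AbstractVerifier, SSLSocketFactory, Scheme) and the JVM's default trust store; the class name SanOnlyVerifier is ours.

```scala
import javax.net.ssl.{SSLContext, SSLException}
import org.apache.http.conn.scheme.Scheme
import org.apache.http.conn.ssl.{AbstractVerifier, SSLSocketFactory}
import org.apache.http.impl.client.DefaultHttpClient

// Custom hostname verifier (assumed name): trusts only SAN dNSName matches.
// AbstractVerifier hands us the CNs and SANs already extracted from the leaf
// certificate; we deliberately ignore the CN and rely on SAN entries only.
class SanOnlyVerifier extends AbstractVerifier {

  // Match a single SAN pattern against the host: exact match, or a wildcard
  // that replaces exactly the leftmost label (e.g. "*.example.com").
  private def matches(pattern: String, host: String): Boolean = {
    val p = pattern.toLowerCase
    val h = host.toLowerCase
    if (!p.startsWith("*.")) p == h
    else {
      val suffix = p.drop(1)              // ".example.com"
      val firstDot = h.indexOf('.')
      firstDot > 0 && h.substring(firstDot) == suffix
    }
  }

  // Throwing SSLException is how AbstractVerifier signals rejection.
  override def verify(host: String, cns: Array[String], subjectAlts: Array[String]): Unit = {
    val alts = Option(subjectAlts).map(_.toSeq).getOrElse(Seq.empty)
    if (!alts.exists(matches(_, host)))
      throw new SSLException(
        s"Certificate for <$host> matches none of the SAN dNSNames: ${alts.mkString(", ")}")
  }
}

object SecureClient {
  def build(): DefaultHttpClient = {
    // null trust managers => the JVM's default trust store still validates the chain.
    val sslContext = SSLContext.getInstance("TLS")
    sslContext.init(null, null, null)

    // Weak setting, shown for contrast only:
    //   new SSLSocketFactory(sslContext, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
    // accepts any host and is what CODE-0030 flags.
    val socketFactory = new SSLSocketFactory(sslContext, new SanOnlyVerifier)

    val httpClient = new DefaultHttpClient()
    // Route every https:// request through the factory that enforces our verifier.
    httpClient.getConnectionManager.getSchemeRegistry
      .register(new Scheme("https", 443, socketFactory))
    httpClient
  }
}
```

A connection to a host whose certificate carries no matching SAN entry fails at the TLS handshake with the SSLException above, which is the behaviour an accept-all verifier silently removes.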
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0030 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-295 |
| Confidence | HIGH |
| Impact | HIGH |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | SSL, TLS, Certificate Validation |
| OWASP | N/A |