Vulnerabilities > Improper Validation of Certificate with Host Mismatch

DATE CVE VULNERABILITY TITLE RISK
2019-04-04 CVE-2014-3603 Improper Validation of Certificate with Host Mismatch vulnerability in Shibboleth Identity Provider and Opensaml Java
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
network
high complexity
shibboleth CWE-297
5.9
2018-08-30 CVE-2018-10936 Improper Validation of Certificate with Host Mismatch vulnerability in multiple products
A weakness was found in postgresql-jdbc before version 42.2.5.
network
high complexity
postgresql redhat CWE-297
8.1
2017-11-07 CVE-2017-2912 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
5.9
2017-11-07 CVE-2017-2911 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
5.9
2016-09-09 CVE-2016-1280 Improper Validation of Certificate with Host Mismatch vulnerability in Juniper Junos
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.
network
low complexity
juniper CWE-297
6.5