Vulnerabilities > Improper Validation of Certificate with Host Mismatch

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-24568 Improper Validation of Certificate with Host Mismatch vulnerability in Dell Networker
Dell NetWorker, contains an Improper Validation of Certificate with Host Mismatch vulnerability in Rabbitmq port which could disallow replacing CA signed certificates.
network
low complexity
dell CWE-297
4.3
2021-05-27 CVE-2020-14387 Improper Validation of Certificate with Host Mismatch vulnerability in Samba Rsync
A flaw was found in rsync in versions since 3.2.0pre1.
network
samba CWE-297
5.8
2021-03-24 CVE-2021-21385 Improper Validation of Certificate with Host Mismatch vulnerability in Mifos Mifos-Mobile
Mifos-Mobile Android Application for MifosX is an Android Application built on top of the MifosX Self-Service platform.
network
mifos CWE-297
5.8
2021-03-10 CVE-2020-15260 Improper Validation of Certificate with Host Mismatch vulnerability in Teluu Pjsip
PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.
network
teluu CWE-297
4.3
2019-04-04 CVE-2014-3603 Improper Validation of Certificate with Host Mismatch vulnerability in Shibboleth Identity Provider and Opensaml Java
The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
4.3
2018-08-30 CVE-2018-10936 Improper Validation of Certificate with Host Mismatch vulnerability in multiple products
A weakness was found in postgresql-jdbc before version 42.2.5.
network
high complexity
postgresql redhat CWE-297
8.1
2017-11-07 CVE-2017-2912 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
2.6
2017-11-07 CVE-2017-2911 Improper Validation of Certificate with Host Mismatch vulnerability in Meetcircle Circle With Disney Firmware 2.0.1
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1.
network
high complexity
meetcircle CWE-297
2.6
2016-09-09 CVE-2016-1280 Improper Validation of Certificate with Host Mismatch vulnerability in Juniper Junos
PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos.
network
low complexity
juniper CWE-297
6.4
2014-08-19 CVE-2014-3522 Improper Validation of Certificate With Host Mismatch vulnerability in multiple products
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
network
high complexity
apache opensuse canonical apple CWE-297
4.0