CWE-948: SFP Secondary Cluster: Digital Certificate
ID
CWE-948
Status
Incomplete
This category identifies Software Fault Patterns (SFPs) within the Digital Certificate cluster.
Relationships
View | Weakness | ||||||
---|---|---|---|---|---|---|---|
# ID | Name | # ID | Name | Abstraction | Structure | Status | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-296 | Improper Following of a Certificate's Chain of Trust | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-297 | Improper Validation of Certificate with Host Mismatch | Variant | Simple | Incomplete | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-298 | Improper Validation of Certificate Expiration | Variant | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-299 | Improper Check for Certificate Revocation | Base | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-593 | Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created | Variant | Simple | Draft | |
CWE-888 | Software Fault Pattern (SFP) Clusters | CWE-599 | Missing Validation of OpenSSL Certificate | Variant | Simple | Incomplete |
Loading...