CWE-299
Overview
- CWE ID
- 299
- CWE Name
- Improper Check for Certificate Revocation
- CWE Abstraction
- Base
- CWE structure
- Simple
- CWE Status
- Draft
Description
The software does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
Extended Description
An improper check for certificate revocation is a far more serious flaw than related certificate failures. This is because the use of any revoked certificate is almost certainly malicious. The most common reason for certificate revocation is compromise of