Improper Validation of Certificate Expiration

Status: Draft
Abstraction: Variant
Structure: Simple
Description

A certificate expiration is not validated or is incorrectly validated, so trust may be assigned to certificates that have been abandoned due to age.

Extended Description

When the expiration of a certificate is not taken into account, no trust has necessarily been conveyed through it. Therefore, the validity of the certificate cannot be verified and all benefit of the certificate is lost.

Common Consequences

Scope: Integrity, Other

Impact: Other

The data read from the system vouched for by the expired certificate may be flawed due to malicious spoofing.

Scope: Authentication, Other

Impact: Other

Trust afforded to the system in question - based on the expired certificate - may allow for spoofing attacks.

Potential Mitigations

Phase: Architecture and Design

Check for expired certificates and provide the user with adequate information about the nature of the problem and how to proceed.

Phase: Implementation

If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the expiration.

Demonstrative Examples

ID : DX-123

The following OpenSSL code ensures that there is a certificate and allows the use of expired certificates.

Code Example (Bad), language: C

    //do stuff

If the call to SSL_get_verify_result() returns X509_V_ERR_CERT_HAS_EXPIRED, this means that the certificate has expired. As time goes on, there is an increasing chance for attackers to compromise the certificate.
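The correction to the snippet above is to treat only X509_V_OK as success, so that X509_V_ERR_CERT_HAS_EXPIRED (and every other verify error) causes the connection to be rejected. To show what the expiry check itself involves, and what the "check for expired certificates" mitigation above has to get right, the following added example (not part of the CWE entry, and not OpenSSL code) parses the ASN.1 UTCTime/GeneralizedTime strings that carry a certificate's notBefore and notAfter fields and decides whether a given time lies inside the validity window. It is written without any TLS library so it runs stand-alone; the function names (parse_x509_time, check_validity_window) and the sample validity strings are constructed for illustration. It applies the RFC 5280 two-digit-year pivot for UTCTime and treats a malformed date field as a failure rather than as "no expiry".

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Outcome of checking a certificate's validity window against "now". */
enum cert_time_status {
    CERT_TIME_VALID = 0,
    CERT_NOT_YET_VALID,
    CERT_EXPIRED,
    CERT_TIME_MALFORMED
};

/* Read n ASCII digits into *out; -1 if any character is not a digit. */
static int read_digits(const char *s, int n, int *out) {
    int v = 0;
    for (int i = 0; i < n; i++) {
        if (s[i] < '0' || s[i] > '9') return -1;
        v = v * 10 + (s[i] - '0');
    }
    *out = v;
    return 0;
}

/* Days since 1970-01-01 for a proleptic Gregorian date (any year). */
static long days_from_civil(int y, int m, int d) {
    y -= m <= 2;
    long era = (y >= 0 ? y : y - 399) / 400;
    long yoe = y - era * 400;
    long doy = (153 * (m + (m > 2 ? -3 : 9)) + 2) / 5 + d - 1;
    long doe = yoe * 365 + yoe / 4 - yoe / 100 + doy;
    return era * 146097 + doe - 719468;
}

/* Parse an ASN.1 UTCTime ("YYMMDDHHMMSSZ") or GeneralizedTime
 * ("YYYYMMDDHHMMSSZ"), the forms X.509 uses for notBefore/notAfter,
 * into Unix time (UTC). UTCTime years follow the RFC 5280 pivot:
 * 50..99 -> 1950..1999, 00..49 -> 2000..2049.
 * Returns 0 on success, -1 on malformed input (hypothetical helper). */
int parse_x509_time(const char *s, time_t *out) {
    size_t len = strlen(s);
    int y, mo, d, h, mi, sec, ylen;
    if (len == 13) ylen = 2;          /* UTCTime */
    else if (len == 15) ylen = 4;     /* GeneralizedTime */
    else return -1;
    if (s[len - 1] != 'Z') return -1; /* X.509 requires the UTC "Z" suffix */
    if (read_digits(s, ylen, &y) || read_digits(s + ylen, 2, &mo) ||
        read_digits(s + ylen + 2, 2, &d) || read_digits(s + ylen + 4, 2, &h) ||
        read_digits(s + ylen + 6, 2, &mi) || read_digits(s + ylen + 8, 2, &sec))
        return -1;
    if (ylen == 2) y += (y >= 50) ? 1900 : 2000;
    static const int mdays[] = {31,28,31,30,31,30,31,31,30,31,30,31};
    int leap = (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
    if (mo < 1 || mo > 12 || d < 1 || d > mdays[mo - 1] + (leap && mo == 2) ||
        h > 23 || mi > 59 || sec > 59)
        return -1;
    *out = (time_t)days_from_civil(y, mo, d) * 86400 + h * 3600 + mi * 60 + sec;
    return 0;
}

/* Decide whether `now` falls inside [notBefore, notAfter]. A malformed
 * field is a failure, never an implicit "accept" (hypothetical helper). */
enum cert_time_status check_validity_window(const char *not_before,
                                            const char *not_after, time_t now) {
    time_t nb, na;
    if (parse_x509_time(not_before, &nb) || parse_x509_time(not_after, &na))
        return CERT_TIME_MALFORMED;
    if (now < nb) return CERT_NOT_YET_VALID;
    if (now > na) return CERT_EXPIRED;
    return CERT_TIME_VALID;
}

int main(void) {
    /* Constructed sample validity fields, not taken from any real certificate. */
    const char *nb = "240101000000Z";   /* UTCTime: 2024-01-01 00:00:00Z */
    const char *na = "250101000000Z";   /* UTCTime: 2025-01-01 00:00:00Z */
    time_t probes[] = { 1704067200 - 1, 1704067200 + 86400, 1735689600 + 1 };
    static const char *names[] = {"VALID", "NOT_YET_VALID", "EXPIRED", "MALFORMED"};
    for (size_t i = 0; i < 3; i++)
        printf("now=%ld -> %s\n", (long)probes[i],
               names[check_validity_window(nb, na, probes[i])]);
    return 0;
}
```

In a real TLS client the library performs this comparison for you and reports it as X509_V_ERR_CERT_HAS_EXPIRED; the point of the example is that the check has sharp edges (two-digit years, malformed fields, the time source itself) and that the only safe policy at the call site is to reject anything other than X509_V_OK.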
References

REF-18: Secure Software, Inc. "The CLASP Application Security Process". 2005.
REF-44: Michael Howard, David LeBlanc and John Viega. "24 Deadly Sins of Software Security". McGraw-Hill, 2010.
Likelihood of Exploit

Low

Applicable Platforms
Languages: Not Language-Specific (Prevalence: Undetermined)
Modes of Introduction
Implementation
Taxonomy Mapping
  • CLASP