CWE-297
Improper Validation of Certificate with Host Mismatch
The product communicates with a host that provides a certificate, but the product does not properly ensure that the certificate is actually associated with that host.
Official CWE-297 definition at MITREImpactr finds and proves weaknesses like CWE-297 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist