CWE-370
Missing Check for Certificate Revocation after Initial Check
The product does not check the revocation status of a certificate after its initial revocation check, which can cause the product to perform privileged actions even after the certificate is revoked at a later time.
Official CWE-370 definition at MITREImpactr finds and proves weaknesses like CWE-370 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist