CWE-297: Improper Validation of Certificate with Host Mismatch
Learn about CWE-297 (Improper Validation of Certificate with Host Mismatch), its security impact, exploitation methods, and prevention guidelines.
What is Improper Validation of Certificate with Host Mismatch?
• Overview: Improper Validation of Certificate with Host Mismatch (CWE-297) occurs when a product communicates with a host and accepts a certificate without verifying that the certificate is specifically associated with that host, potentially allowing an attacker to impersonate a trusted host.
• Exploitation Methods:
- Attackers can exploit this vulnerability by using a valid certificate from a different site to impersonate a trusted host.
- Common attack patterns include redirection or spoofing attacks, and using certificates with names that trick string-based comparisons, such as those containing NUL bytes.
• Security Impact:
- Direct consequences of successful exploitation include unauthorized access and data interception.
- Potential cascading effects include data breaches and loss of data integrity.
- Business impact could involve reputational damage, financial loss, and legal liabilities.
• Prevention Guidelines:
- Specific code-level fixes include implementing proper hostname verification by checking the Common Name (CN) or Subject Alternative Name (SAN) against the expected host.
- Security best practices involve using strict certificate validation and avoiding common pitfalls like improperly handling NUL bytes in names.
- Recommended tools and frameworks to ensure proper validation include using libraries and APIs that adhere to strict certificate validation standards, such as OpenSSL or Java's built-in SSL handling with hostname verification enabled.
Technical Details
Likelihood of Exploit:
Affected Languages: Not Language-Specific
Affected Technologies: Mobile, Not Technology-Specific
Vulnerable Code Example
Python Example
import ssl
import socket

def create_vulnerable_ssl_connection():
    context = ssl.create_default_context()
    # Vulnerable code: does not verify that the certificate matches the host
    context.check_hostname = False  # Disables hostname verification
    connection = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname="example.com")
    connection.connect(("example.com", 443))
    # Hostname verification is disabled, potential for MITM attacks
    connection.settimeout(10)
    print("Connected to example.com")
    connection.close()

create_vulnerable_ssl_connection()
In this vulnerable code example, the check_hostname attribute is explicitly set to False, which disables the verification of the server's certificate against the expected hostname. This oversight can allow a man-in-the-middle (MITM) attacker to intercept and potentially alter the communication.
How to fix Improper Validation of Certificate with Host Mismatch?
Improper validation of certificates with host mismatch can lead to man-in-the-middle (MITM) attacks, where an attacker intercepts communication between the client and the intended server. To prevent this, you need to ensure that the SSL/TLS connection properly verifies the hostname in the certificate against the expected hostname.
Fix Approach:
- Enable Hostname Verification: Use an SSL context that verifies the server's certificate against the hostname you expect to connect to.
- Use server_hostname Parameter: Ensure the server_hostname parameter is set to the expected server hostname during the handshake, which allows Python to verify the certificate's hostname automatically.
Fixed Code Example
import ssl
import socket

def create_secure_ssl_connection():
    context = ssl.create_default_context()
    # Fixed code: Ensures the server's certificate matches the expected hostname
    context.check_hostname = True  # Ensures hostname verification is enabled
    connection = context.wrap_socket(socket.socket(socket.AF_INET), server_hostname="example.com")
    connection.connect(("example.com", 443))
    # Hostname verification is enabled by default in Python's SSL module
    print("Securely connected to example.com")
    connection.close()

create_secure_ssl_connection()
In this fixed code example, the check_hostname attribute is set to True, which is already the default for a context created with ssl.create_default_context(). This ensures that the server's certificate is verified against the expected hostname "example.com", effectively mitigating the risk of MITM attacks by enforcing proper hostname verification during the SSL/TLS handshake.
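A static check for the two patterns discussed above, as an added example that is not part of the original page: it walks Python source with the standard ast module and reports where check_hostname is set to False or a client-side wrap_socket call omits server_hostname. The sample source, function names and messages are constructed for illustration, and the check goes slightly beyond the page by also flagging ssl._create_unverified_context().

```python
import ast

# Constructed sample source (not from the original page) mixing weak and safe usage.
SAMPLE = '''\
import socket
import ssl

weak = ssl.create_default_context()
weak.check_hostname = False
strict = ssl.create_default_context()
strict.check_hostname = True
a = strict.wrap_socket(socket.socket(), server_hostname="example.com")
b = strict.wrap_socket(socket.socket())
c = strict.wrap_socket(socket.socket(), server_side=True)
legacy = ssl._create_unverified_context()
'''


def is_const(node, value):
    """True when node is the literal constant `value` (e.g. False or True)."""
    return isinstance(node, ast.Constant) and node.value is value


def find_hostname_check_issues(source):
    """Return sorted (line, message) pairs where hostname verification is weakened."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Assign) and is_const(node.value, False):
            # <ctx>.check_hostname = False, the pattern from the vulnerable example
            for target in node.targets:
                if isinstance(target, ast.Attribute) and target.attr == "check_hostname":
                    findings.append((node.lineno, "check_hostname disabled"))
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            keywords = {kw.arg: kw.value for kw in node.keywords}
            if node.func.attr == "_create_unverified_context":
                findings.append((node.lineno, "unverified context: no hostname check"))
            elif (node.func.attr == "wrap_socket"
                  and "server_hostname" not in keywords
                  and len(node.args) < 5  # server_hostname is the 5th positional
                  and not is_const(keywords.get("server_side"), True)):
                findings.append((node.lineno, "client wrap_socket without server_hostname"))
    return sorted(findings)


if __name__ == "__main__":
    for line, message in find_hostname_check_issues(SAMPLE):
        print(f"line {line}: {message}")
```

The check is purely syntactic, so a value assigned through a variable or setattr() is not caught; treat its output as review pointers rather than proof of safe configuration.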