C#: Add query for insecure certificate validation #838

@intrigus-lgtm

Description

Query PR

github/codeql#16824

Language

C#

CVE(s) ID list

CVE in disclosure process

CWE

CWE-295

Report

If a RemoteCertificateValidationCallback delegate always returns true and is installed in, e.g., ServicePointManager.ServerCertificateValidationCallback, it trusts any certificate.
Because the callback trusts any certificate, a self-signed certificate presented by an attacker is accepted just like a legitimately issued one. This enables a man-in-the-middle (MiTM) attack against the connection, through which sensitive secrets such as login credentials or other tokens can be stolen.
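The pattern described above, as an added illustration (not code from the issue or from the CodeQL query): the always-true callback beside two callbacks that honour the runtime's chain and hostname checks, plus the equivalent HttpClientHandler hook, which the report does not mention but which takes the same kind of delegate. The pinned thumbprint is a placeholder.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

// Constructed example for CWE-295 in C#; not taken from the issue or the query PR.
static class CertificateValidationExamples
{
    // INSECURE: ignores every argument and returns true, so any certificate
    // (self-signed, expired, wrong host) is accepted process-wide.
    public static void InstallInsecureCallback()
    {
        ServicePointManager.ServerCertificateValidationCallback =
            (sender, certificate, chain, sslPolicyErrors) => true;
    }

    // SAFE: accept only when the runtime reported no policy error, i.e. the
    // chain built to a trusted root and the name matched.
    public static bool ValidateStrictly(object sender, X509Certificate? certificate,
        X509Chain? chain, SslPolicyErrors sslPolicyErrors)
    {
        return sslPolicyErrors == SslPolicyErrors.None;
    }

    // Placeholder; a real deployment would hold the expected SHA-256 thumbprint here.
    private const string PinnedThumbprintSha256 = "<EXPECTED_SHA256_THUMBPRINT>";

    // SAFE with pinning: require a clean chain AND a known leaf thumbprint.
    public static bool ValidatePinned(object sender, X509Certificate? certificate,
        X509Chain? chain, SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors != SslPolicyErrors.None || certificate is null)
            return false;
        using var leaf = new X509Certificate2(certificate);
        string thumbprint = leaf.GetCertHashString(HashAlgorithmName.SHA256);
        return string.Equals(thumbprint, PinnedThumbprintSha256,
            StringComparison.OrdinalIgnoreCase);
    }

    // HttpClientHandler exposes the same decision per handler instead of globally;
    // the same rule applies: never return true unconditionally.
    public static HttpClient CreateStrictClient()
    {
        var handler = new HttpClientHandler();
        handler.ServerCertificateCustomValidationCallback =
            (request, certificate, chain, sslPolicyErrors) =>
                sslPolicyErrors == SslPolicyErrors.None;
        return new HttpClient(handler);
    }
}
```

Review or detection effort should flag any of these delegates whose body reduces to a constant true, regardless of whether it is attached to ServicePointManager, SslStream or HttpClientHandler.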

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

  • Yes
  • No

Blog post link

No response

Metadata

Labels

All For One: Submissions to the All for One, One for All bounty
