bypass-tls-verification.yaml
51 lines (51 loc) · 1.54 KB
rules:
  - id: bypass-tls-verification
    message: >-
      Checks for redefinitions of the checkServerTrusted function in the X509TrustManager class that disable
      TLS/SSL certificate verification.
      This should only be used for debugging purposes because it leads to vulnerability to MITM attacks.
    severity: WARNING
    metadata:
      likelihood: MEDIUM
      impact: MEDIUM
      confidence: MEDIUM
      category: security
      cwe: 'CWE-319: Cleartext Transmission of Sensitive Information'
      owasp: 'A03:2017 - Sensitive Data Exposure'
      references:
        - https://riptutorial.com/java/example/16517/temporarily-disable-ssl-verification--for-testing-purposes-
        - https://stackoverflow.com/questions/35530558/how-to-fix-unsafe-implementation-of-x509trustmanager-in-android-app?rq=1
      subcategory:
        - vuln
      technology:
        - java
      vulnerability: Insecure Transport
    languages: [java]
    patterns:
      # Match any anonymous X509TrustManager that overrides checkClientTrusted ...
      - pattern: |
          new X509TrustManager() {
            ...
            public void checkClientTrusted(X509Certificate[] certs, String authType) {...}
            ...
          }
      # ... unless its checkServerTrusted can still reject a chain by throwing.
      - pattern-not: |
          new X509TrustManager() {
            ...
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
              ...
              throw new CertificateException(...);
              ...
            }
            ...
          }
      - pattern-not: |
          new X509TrustManager() {
            ...
            public void checkServerTrusted(X509Certificate[] certs, String authType) {
              ...
              throw new IllegalArgumentException(...);
              ...
            }
            ...
          }
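The Java below is an added example, not part of the rule file or the Semgrep rules project: it shows the anonymous trust-all X509TrustManager that the first pattern matches, next to the remediation that obtains the platform's default trust manager instead of hand-rolling trust decisions. The class name TrustManagerExamples and the method names are assumptions made for the example.

```java
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Example class (not from the rule set); names are assumptions.
public class TrustManagerExamples {

    // Flagged by the rule: an anonymous X509TrustManager whose checkServerTrusted
    // never throws, so any chain (self-signed, expired, issued for another host)
    // is accepted and the connection no longer authenticates the server.
    static X509TrustManager insecureTrustAll() {
        return new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] certs, String authType) {}
            public void checkServerTrusted(X509Certificate[] certs, String authType) {}
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        };
    }

    // Remediation: ask the platform for its default X509TrustManager, which is
    // backed by the system CA store and validates the chain (expiry, signature,
    // trust anchor). No anonymous X509TrustManager is created, so the rule's
    // first pattern cannot match this code.
    static X509TrustManager platformDefault() throws Exception {
        TrustManagerFactory tmf =
            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null selects the JVM/Android default trust store
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) {
                return (X509TrustManager) tm;
            }
        }
        throw new IllegalStateException("platform provides no X509TrustManager");
    }

    // Build an SSLContext from the validating trust manager; hand it to the HTTP
    // client (for example via HttpsURLConnection.setDefaultSSLSocketFactory).
    static SSLContext secureContext() throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { platformDefault() }, null);
        return ctx;
    }
}
```

Because both pattern-not clauses look for a literal throw inside checkServerTrusted, an anonymous wrapper that merely delegates to platformDefault() would still produce a finding and needs manual triage.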