Skip to content

Insecure TLS certificate domain name validation

Insecure TLS certificate domain name validation

Description

The application does not perform proper TLS certificate validation, which makes it vulnerable to man-in-the-middle attacks.

Recommendation

It is recommended to apply proper TLS certificate validation. A compliant solution depends on actual implementation.

Standards