Insecure TLS certificate validation (accept self-signed certificate)

Description

The application accepts self-signed certificates, which leaves it vulnerable to man-in-the-middle (MITM) attacks.

Recommendation

By default, SSL/TLS certificates are validated. If this is not the case in your application, consider the following:

  1. Avoid tampering with SSL classes: do not override TrustManager or SSLSocketFactory in a way that allows invalid certificates to be accepted.
  2. Certificate pinning: implement certificate pinning so that the application only accepts certificates from trusted sources. By hardcoding or storing trusted certificates (or their public-key hashes) within the application, it can verify the authenticity of the server's certificate during the SSL/TLS handshake, thereby preventing MITM attacks that rely on self-signed certificates.

Standards

  • PCI_STANDARDS:
    • REQ_2_2
    • REQ_4_2
    • REQ_11_3
  • SOC2_CONTROLS:
    • CC_2_1
    • CC_4_1
    • CC_7_1
    • CC_7_2
    • CC_7_4
    • CC_7_5