Description
The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
Extended Description
An improper check for certificate revocation is a far more serious flaw than related certificate failures. This is because the use of any revoked certificate is almost certainly malicious. The most common reason for certificate revocation is compromise of the system in question, with the result that no legitimate servers will be using a revoked certificate, unless they are sorely out of sync.
CVE vulnerabilities with CWE-299 (9)
9.1
CVSS
CRITICAL
CVE-2026-4428
pub. 2026-03-19
8.3
CVSS
HIGH
CVE-2020-1675
pub. 2020-10-16
8.2
CVSS
HIGH
CVE-2025-11955
pub. 2025-10-27
8.1
CVSS
HIGH
CVE-2025-3085
pub. 2025-04-01
7.0
CVSS
HIGH
CVE-2023-23690
pub. 2023-01-19
6.4
CVSS
MEDIUM
CVE-2020-16228
pub. 2020-09-11
5.6
CVSS
MEDIUM
CVE-2026-6899
pub. 2026-06-09
5.2
CVSS
MEDIUM
CVE-2025-36057
pub. 2025-07-21
4.0
CVSS
MEDIUM
CVE-2024-56138
pub. 2025-01-13