Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

C#: Add query for insecure certificate validation #838

Open
1 of 2 tasks
intrigus-lgtm opened this issue Jun 25, 2024 · 0 comments
Open
1 of 2 tasks

C#: Add query for insecure certificate validation #838

intrigus-lgtm opened this issue Jun 25, 2024 · 0 comments
Assignees
@Kwstubbs
Labels
All For One Submissions to the All for One, One for All bounty

Comments

@intrigus-lgtm
Copy link
Contributor

Query PR

github/codeql#16824

Language

C#

CVE(s) ID list

CVE in disclosure process

CWE

CWE-295

Report

If a RemoteCertificateValidationCallback delegate always returns true and is used in e.g. ServicePointManager.ServerCertificateValidationCallback, it trusts any certificate.
As the RemoteCertificateValidationCallback trusts any certificate, an attacker can create a self-signed certificate that will be accepted as any certificate is trusted. This leads to a MiTM attack against the connection thereby stealing sensitive secrets such as login data or other tokens is possible.

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

  • Yes
  • No

Blog post link

No response
@intrigus-lgtm intrigus-lgtm added the All For One Submissions to the All for One, One for All bounty label Jun 25, 2024
@Kwstubbs Kwstubbs self-assigned this Jul 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Kwstubbs Kwstubbs

Labels
All For One Submissions to the All for One, One for All bounty
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Kwstubbs @intrigus-lgtm