General Information

Fake Chain-of-Trust Certificate Abuse

Variants:
Direct 

Vector Type:
Attack

Relevance:
Generic

Layer:
Web-Infrastructure-Level

Platforms:
Any

Target Type:
Application

Affected Mechanisms:
Communication Encryption, Hardening

Invented In:
01/02/1995

Added In:
22/12/2014


Vector Operation Method:
Failure to follow and validate chain of trust in certificate validation enables attackers to abuse certificates with broken chain of trust.


Direct Variant:

Broken Chain-of-Trust Certificate Abuse

Also Known As:
Fake Chain-of-Trust Certificate Abuse

Typical Severity:
Medium

Resources:

White Papers:

Learn More: