Fake Chain-of-Trust Certificate Abuse
Variants:
Direct
Vector Type:
Attack
Relevance:
Generic
Layer:
Web-Infrastructure-Level
Platforms:
Any
Target Type:
Application
Affected Mechanisms:
Communication Encryption, Hardening
Invented In:
01/02/1995
Added In:
22/12/2014
Vector Operation Method:
Failure to follow and validate chain of trust in certificate validation enables attackers to abuse certificates with broken chain of trust.
