SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CWE

Certificate Issues

ID: 295		Date: (C)2012-05-14 (M)2022-10-10
Type: category		Status: INCOMPLETE

Description

Certificates should be carefully managed and checked to assure that data are encrypted with the intended owner's public key.

Applicable Platforms
Language Class: All

Related Attack Patterns

Common Consequences
None

Detection Methods
None

Potential Mitigations
None

Relationships

Related CWE	Type	View	Chain
CWE-295 ChildOf CWE-731	Category	CWE-711

Demonstrative Examples
None

White Box Definitions
None

Black Box Definitions
None

Taxynomy Mappings

Taxynomy	Id	Name	Fit
OWASP Top Ten 2004	A10	Insecure Configuration Management	CWE_More_Specific

References:

M. Bishop .Computer Security: Art and Science. Addison-Wesley. Published on 2003.