CWE-370: Missing Check for Certificate Revocation after Initial Check
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The product does not check the revocation status of a certificate after its initial revocation check, which can cause the product to perform privileged actions even after the certificate is revoked at a later time.
扩展描述
If the revocation status of a certificate is not checked before each action that requires privileges, the system may be subject to a race condition. If a certificate is revoked after the initial check, all subsequent actions taken with the owner of the revoked certificate will lose all benefits guaranteed by the certificate. In fact, it is almost certain that the use of a revoked certificate indicates malicious activity.
常见后果
影响范围: Access Control
技术影响: Gain Privileges or Assume Identity
说明: Trust may be assigned to an entity who is not who it claims to be.
影响范围: Integrity
技术影响: Modify Application Data
说明: Data from an untrusted (and possibly malicious) source may be integrated.
影响范围: Confidentiality
技术影响: Read Application Data
说明: Data may be disclosed to an entity impersonating a trusted entity, resulting in information disclosure.
潜在缓解措施
阶段: Architecture and Design
描述: Ensure that certificates are checked for revoked status before each use of a protected resource. If the certificate is checked before each access of a protected resource, the delay subject to a possible race condition becomes almost negligible and significantly reduces the risk associated with this issue.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| CLASP | - | Race condition in checking for certificate revocation | - |
| Software Fault Patterns | SFP20 | Race Condition Window | - |
关键信息
CWE ID: CWE-370
抽象级别: Variant
结构: Simple
状态: Draft
利用可能性: Medium