# Improper Certificate Validation (CWE-295)

The product does not validate, or incorrectly validates, a certificate.

**Stack:** JavaScript

- Prevalence: मध्यम 3 भाषाएँ कवर की गईं
- Impact: उच्च 4 उच्च गंभीरता वाले नियम
- Prevention: प्रलेखित 4 फिक्स उदाहरण

**OWASP:** Identification and Authentication Failures (A07:2021-Identification and Authentication Failures) - #7

## Description

When a certificate is invalid or malicious, it might allow an attacker to spoof a trusted entity by interfering in the communication path between the host and client.

## Prevention

1 Shoulder डिटेक्शन नियमों पर आधारित Improper Certificate Validation के लिए रोकथाम रणनीतियाँ।

### JavaScript

Keep certificate verification enabled and enforce TLS 1.2 or higher

## Warning Signs

- [HIGH] insecure TLS/SSL configurations in Node

## Consequences

- सुरक्षा तंत्र को बायपास करना
- एप्लिकेशन डेटा पढ़ना
- एप्लिकेशन डेटा संशोधित करना

## Mitigations

- प्रमाणपत्रों को सावधानीपूर्वक प्रबंधित और जाँचें कि वे अब भी मान्य हैं
- यदि certificate pinning का उपयोग किया जा रहा है, तो सुनिश्चित करें कि वह सही ढंग से लागू हो
- SSL/TLS क्लाइंट प्रमाणपत्र सत्यापन का सही ढंग से उपयोग करें

## Detection

- Total rules: 4
- Languages: go, javascript, typescript, python

## Rules by Language

### Javascript (1 rules)

- **Insecure TLS/SSL Configuration** [HIGH]: Detects insecure TLS/SSL configurations in Node.js applications that weaken transport security.

Common misconfigurations:
- rejectUnauthorized: false (disables certificate validation)
- NODE_TLS_REJECT_UNAUTHORIZED=0 (globally disables TLS verification)
- Weak TLS versions (TLS 1.0, 1.1)
- Insecure SSL options in HTTPS requests

These misconfigurations allow man-in-the-middle attacks.
  - Remediation: Keep certificate verification enabled and use TLS 1.2 or higher.

```javascript
const agent = new https.Agent({
  rejectUnauthorized: true,
  minVersion: 'TLSv1.2'
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-295/insecure-tls-config

### Typescript (1 rules)

- **Insecure TLS/SSL Configuration** [HIGH]: Detects insecure TLS/SSL configurations in Node.js applications that weaken transport security.

Common misconfigurations:
- rejectUnauthorized: false (disables certificate validation)
- NODE_TLS_REJECT_UNAUTHORIZED=0 (globally disables TLS verification)
- Weak TLS versions (TLS 1.0, 1.1)
- Insecure SSL options in HTTPS requests

These misconfigurations allow man-in-the-middle attacks.
  - Remediation: Keep certificate verification enabled and use TLS 1.2 or higher.

```javascript
const agent = new https.Agent({
  rejectUnauthorized: true,
  minVersion: 'TLSv1.2'
});
```

Learn more: https://shoulder.dev/learn/javascript/cwe-295/insecure-tls-config