Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

CWE-358: Improperly Implemented Security Check for Standard | Mondoo Vulnerability Intelligence

CWE-358

BaseDraft

View on MITRE

Improperly Implemented Security Check for Standard

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

63 linked vulnerabilities

4 related weaknesses

Access ControlBypass Protection Mechanism

Modes of Introduction

Architecture and DesignImplementation

Related Weaknesses

CWE-573ChildOf CWE-693ChildOf CWE-345CanAlsoBe CWE-290CanAlsoBe

Example CVEs (8)

CVE-2002-0862

Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.

CVE-2002-0970

Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.

CVE-2002-1407

Browser does not verify Basic Constraints of a certificate, even though it is required, allowing spoofing of trusted certificates.

CVE-2005-0198

Logic error prevents some required conditions from being enforced during Challenge-Response Authentication Mechanism with MD5 (CRAM-MD5).

CVE-2004-2163

Shared secret not verified in a RADIUS response packet, allowing authentication bypass by spoofing server replies.

External Links

MITRE CWE Database

CWE-358

Improperly Implemented Security Check for Standard

Common Consequences (1)

Modes of Introduction

Related Weaknesses

Example CVEs (8)

External Links