CWE-297: CWE-297

Total CVEs: 17
Critical: 3
High: 7
Avg CVSS: 6.9

Yearly Trend

2026: 3
2025: 9
2024: 3
2021: 2

Top Affected Vendors

1. Fortinet: 2
2. Apache: 2
3. IBM: 1
4. Red Hat: 1
5. Progress: 1
6. Haxx: 1
7. SAP: 1
8. AVTECH: 1
9. JetBrains: 1
10. Couchbase: 1

All CWE-297 CVEs (17)

CVE-2025-46408 | CVSS 9.8 | Sep 15, 2025
This vulnerability in AVTECH EagleEyes 2.0.0 disables HTTPS hostname verification, allowing man-in-the-middle attacks. Attackers can intercept and man...

CVE-2025-68637 | CVSS 9.1 | Jan 7, 2026
This vulnerability allows attackers to perform Man-in-the-Middle attacks on all REST API communications between Uniffle CLI/client and Coordinator ser...

CVE-2021-33695 | CVSS 9.1 | Sep 15, 2021
CVE-2021-33695 is a certificate validation vulnerability in SAP Cloud Connector that allows attackers to intercept and potentially manipulate communic...

CVE-2025-3501 | CVSS 8.2 | Apr 29, 2025
This vulnerability in Keycloak allows attackers to bypass certificate verification by setting a verification policy to 'ALL', which unintentionally sk...

CVE-2025-25253 | CVSS 7.5 | Oct 14, 2025
This vulnerability allows man-in-the-middle attackers to intercept and tamper with connections to Fortinet's ZTNA proxy by exploiting improper certifi...

CVE-2024-34447 | CVSS 7.5 | May 3, 2024
This vulnerability in Bouncy Castle's TLS implementation allows DNS poisoning attacks to bypass hostname verification when SSL sockets are created wit...

CVE-2026-26214 | CVSS 7.4 | Feb 12, 2026
This vulnerability in the Galaxy FDS Android SDK disables TLS hostname verification, allowing man-in-the-middle attackers to intercept and modify comm...

CVE-2020-14387 | CVSS 7.4 | May 27, 2021
A certificate validation flaw in rsync allows man-in-the-middle attacks when using rsync over SSL/TLS. Attackers can intercept and modify data transfe...

CVE-2024-12925 | CVSS 7.3 | Sep 1, 2025
This vulnerability in Akınsoft QR Menü allows attackers to perform HTTP response splitting attacks by exploiting improper certificate validation wit...

CVE-2024-7346 | CVSS 7.2 | Sep 3, 2024
This vulnerability allows attackers to bypass TLS host name validation when OpenEdge default certificates are used for network connections, enabling m...

CVE-2024-49782 | CVSS 6.8 | Feb 20, 2025
This vulnerability in IBM OpenPages with Watson allows attackers to spoof mail server identity when SSL/TLS security is used. Attackers could intercep...

CVE-2024-8285 | CVSS 5.9 | Aug 30, 2024
CVE-2024-8285 is a TLS hostname verification bypass vulnerability in Kroxylicious that allows man-in-the-middle attackers to intercept and manipulate ...

CVE-2025-15079 | CVSS 5.3 | Jan 8, 2026
This vulnerability in libcurl allows SSH-based transfers (SCP/SFTP) to accept connections to hosts not listed in the specified known_hosts file if tho...

CVE-2025-49015 | CVSS 4.9 | Jun 18, 2025
The Couchbase .NET SDK before version 3.7.1 has a TLS certificate validation vulnerability where hostname verification is disabled by default. This al...

CVE-2025-68161 | CVSS 4.8 | Dec 18, 2025
This vulnerability in Apache Log4j Core allows man-in-the-middle attackers to intercept or redirect encrypted log traffic when TLS hostname verificati...

CVE-2024-54019 | CVSS 4.8 | Jun 10, 2025
This vulnerability in Fortinet FortiClient for Windows allows attackers to redirect VPN connections through DNS spoofing or other redirection methods ...

CVE-2025-42921 | CVSS 4.2 | Apr 17, 2025
The JetBrains Toolbox App before version 2.6 had missing SSH host key verification in its SSH plugin, allowing potential man-in-the-middle attacks. Th...

About CWE-297 (CWE-297)

Our database tracks 17 CVEs classified as CWE-297, with 3 rated critical and 7 rated high severity. The average CVSS score for CWE-297 vulnerabilities is 6.9.

External reference: CWE-297 on MITRE CWE
