Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-0466

Improper Certificate Validation

Published: Mar 28, 2023 | Modified: Feb 19, 2025
CVSS 3.x
5.3
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
5.3 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Ubuntu
NEGLIGIBLE
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-0466
CWEhttps://cwe.mitre.org/data/definitions/295.html

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.

As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function.

Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.

Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.

Weakness

The product does not validate, or incorrectly validates, a certificate.

Affected Software

NameVendorStart VersionEnd Version
OpensslOpenssl1.0.2 (including)1.0.2zh (excluding)
OpensslOpenssl1.1.1 (including)1.1.1u (excluding)
OpensslOpenssl3.0.0 (including)3.0.9 (excluding)
OpensslOpenssl3.1.0 (including)3.1.1 (excluding)
JBoss Core Services for RHEL 8RedHatjbcs-httpd24-openssl-1:1.1.1k-16.el8jbcs*
JBoss Core Services on RHEL 7RedHatjbcs-httpd24-openssl-1:1.1.1k-16.el7jbcs*
Red Hat Enterprise Linux 9RedHatopenssl-1:3.0.7-16.el9_2*
Red Hat Enterprise Linux 9RedHatopenssl-1:3.0.7-16.el9_2*
Red Hat JBoss Web Server 5RedHatopenssl*
Red Hat JBoss Web Server 5.7 on RHEL 7RedHatjws5-tomcat-native-0:1.2.31-16.redhat_16.el7jws*
Red Hat JBoss Web Server 5.7 on RHEL 8RedHatjws5-tomcat-native-0:1.2.31-16.redhat_16.el8jws*
Red Hat JBoss Web Server 5.7 on RHEL 9RedHatjws5-tomcat-native-0:1.2.31-16.redhat_16.el9jws*
Text-Only JBCSRedHatopenssl*
Edk2Ubuntubionic*
Edk2Ubuntuesm-infra/focal*
Edk2Ubuntufocal*
Edk2Ubuntujammy*
Edk2Ubuntukinetic*
Edk2Ubuntulunar*
Edk2Ubuntumantic*
Edk2Ubuntutrusty*
Edk2Ubuntuxenial*
NodejsUbuntuesm-apps/jammy*
NodejsUbuntujammy*
NodejsUbuntutrusty*
OpensslUbuntubionic*
OpensslUbuntudevel*
OpensslUbuntuesm-infra-legacy/trusty*
OpensslUbuntuesm-infra/bionic*
OpensslUbuntuesm-infra/focal*
OpensslUbuntuesm-infra/xenial*
OpensslUbuntufips-preview/jammy*
OpensslUbuntufips-updates/bionic*
OpensslUbuntufips-updates/focal*
OpensslUbuntufips-updates/jammy*
OpensslUbuntufips-updates/xenial*
OpensslUbuntufips/bionic*
OpensslUbuntufips/focal*
OpensslUbuntufips/xenial*
OpensslUbuntufocal*
OpensslUbuntujammy*
OpensslUbuntukinetic*
OpensslUbuntulunar*
OpensslUbuntumantic*
OpensslUbuntunoble*
OpensslUbuntuoracular*
OpensslUbuntuplucky*
OpensslUbuntuquesting*
OpensslUbuntutrusty*
OpensslUbuntutrusty/esm*
OpensslUbuntuupstream*
OpensslUbuntuxenial*
Openssl1.0Ubuntubionic*
Openssl1.0Ubuntuesm-infra/bionic*

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use