The product does not check or incorrectly checks the revocation status of a certificate, which may cause it to use a certificate that has been compromised.
An improper check for certificate revocation is a far more serious flaw than related certificate failures. This is because the use of any revoked certificate is almost certainly malicious. The most common reason for certificate revocation is compromise of the system in question, with the result that no legitimate servers will be using a revoked certificate, unless they are sorely out of sync.
Ensure that certificates are checked for revoked status.
If certificate pinning is being used, ensure that all relevant properties of the certificate are fully validated before the certificate is pinned, including the revoked status.
Trust may be assigned to an entity who is not who it claims to be.
Data from an untrusted (and possibly malicious) source may be integrated.
Data may be disclosed to an entity impersonating a trusted entity, resulting in information disclosure.
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness: High