CWE-593—Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
PUBLISHEDweakness record
released 2006-12-15 · last modified 2025-12-11
Metadata
名称
Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created
描述
The product modifies the SSL context after connection creation has begun.
If the program modifies the SSL_CTX object after creating SSL objects from it, there is the possibility that older SSL objects created from the original context could all be affected by that change.