Back to CWE list
CWE-347
Improper Verification of Cryptographic Signature
Base
Draft
Description
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Access Control
Integrity
Confidentiality
Impact
Gain Privileges or Assume Identity, Modify Application Data, Execute Unauthorized Code or Commands
CVE-2002-1796Does not properly verify signatures for "trusted" entities.
CVE-2005-2181Insufficient verification allows spoofing.
CVE-2005-2182Insufficient verification allows spoofing.
CVE-2002-1706Accepts a configuration file without a Message Integrity Check (MIC) signature.
Applicable Platforms
Not Language-Specific
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now