By weakness (CWE)

CWE-295: related vulnerabilities

CVEs classified under CWE-295. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

2 published vulnerabilities

  • CVE-2026-41859HIGH 7.8

    BOSH nats-sync, a component that synchronizes NATS authorization data with BOSH director state, fails to validate SSL/TLS certificates when communicating with the BOSH director. An attacker positioned on the network between nats-sync and the director can intercept traffic, steal administrative credentials (HTTP Basic auth headers or UAA client secrets), and modify the list of VMs that nats-sync writes to the NATS authorization file. This combination of credential theft and authorization tampering could grant attackers full administrative control of the BOSH deployment.

  • CVE-2026-44393HIGH 7.4

    OpenStack's oslo.messaging library contains a critical flaw in how it validates TLS certificates when connecting to RabbitMQ brokers. The driver accepts any certificate signed by your organization's CA without checking that it actually belongs to the RabbitMQ server you're trying to reach. This means an attacker positioned on your network could intercept traffic, present a valid (but wrong) certificate, and trick OpenStack services into sending sensitive control-plane messages to the attacker instead of RabbitMQ. The vulnerability affects all versions from 1.0.0 through 17.3.0.