Log inLog in

Variant weakness

Draft

CWE-593: Authentication Bypass: OpenSSL CTX Object Modified after SSL Objects are Created

The product modifies the SSL context after connection creation has begun.

Last updated May 1, 2026

0

Recorded CVEs

With this primary weakness

0

KEVs

In the CISA KEV catalog

Not rated

Likelihood of exploit

Per MITRE

Variant

Abstraction

MITRE classification

Overview

If the program modifies the SSL_CTX object after creating SSL objects from it, there is the possibility that older SSL objects created from the original context could all be affected by that change.

Common consequences

What can happen when CWE-593 is exploited.

Bypass Protection Mechanism

Affects: Access Control

No authentication takes place in this process, bypassing an assumed protection of encryption.

Read Application Data

Affects: Confidentiality

The encrypted communication between a user and a trusted host may be subject to a sniffing attack.

How it happens

When it is introduced

Typically introduced during these phases of the software lifecycle.

Implementation

How to prevent it

Practical mitigations for CWE-593, grouped by where in the lifecycle they apply.

Architecture and Design

Use a language or a library that provides a cryptography framework at a higher level of abstraction.

Implementation

Most SSL_CTX functions have SSL counterparts that act on SSL-type objects.

Implementation

Applications should set up an SSL_CTX completely, before creating SSL objects from it.

Code examples

Illustrative examples from MITRE showing how the weakness appears in code.

The following example demonstrates the weakness.

Vulnerable example

c

#define CERT "secret.pem"

Attack patterns

CAPEC attack patterns that exploit this weakness.

CAPEC-94: Adversary in the Middle (AiTM)

Frequently asked questions

Common questions about CWE-593.

What is CWE-593?

The product modifies the SSL context after connection creation has begun.

How do you prevent CWE-593?

Use a language or a library that provides a cryptography framework at a higher level of abstraction.

What are the consequences of CWE-593?

Exploiting CWE-593 can lead to: Bypass Protection Mechanism, Read Application Data.

References

Weakness data is sourced from the MITRE CWE catalog (v4.20). CVE associations are aggregated and kept current by RadicalNotion.AI.

Stay ahead of CWE-593

Get alerted the moment a new CWE-593 vulnerability affects your stack, with AI-written analysis, severity context, and remediation guidance.

Start free See pricing

Overview

Common consequences

How it happens

When it is introduced

How to prevent it

Code examples

Related weaknesses

Parent

Attack patterns

Frequently asked questions

What is CWE-593?

How do you prevent CWE-593?

What are the consequences of CWE-593?

References

Stay ahead of CWE-593