Insecure TLS Certificate Chain Verification in OWASP ZAP (w2022-03-21)
CVE-2022-27820 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
OWASP Zed Attack Proxy (ZAP) through w2022-03-21 does not verify the TLS certificate chain of an HTTPS server.
Learn more about our Cis Benchmark Audit For Server Software.