CVE-2026-48247
Open ISES Tickets TLS Certificate Verification Bypass
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability disables TLS certificate verification for outbound HTTPS requests, allowing attackers to intercept, monitor, or modify sensitive data such as API keys or session tokens in transit.
Such exposure of sensitive data in transit can lead to non-compliance with common security requirements in standards and regulations like GDPR and HIPAA, which mandate protection of personal and sensitive information during transmission.
Therefore, the vulnerability increases the risk of data breaches and unauthorized data access, potentially violating these regulations' requirements for data confidentiality and integrity.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves disabled TLS certificate verification in Open ISES Tickets versions prior to 3.44.2, specifically in the file incs/functions.inc.php where CURLOPT_SSL_VERIFYPEER is set to false without setting CURLOPT_SSL_VERIFYHOST.
To detect this vulnerability on your system, you can check the source code or configuration of Open ISES Tickets to see if the affected file incs/functions.inc.php contains the insecure settings.
Suggested commands to detect the vulnerability include searching for the relevant settings in the source code:
- grep -r "CURLOPT_SSL_VERIFYPEER" /path/to/open-ises-tickets/incs/functions.inc.php
- Check if the value is set to false and if CURLOPT_SSL_VERIFYHOST is not set or set incorrectly.
Additionally, monitoring network traffic for HTTPS requests that do not properly validate certificates may help detect exploitation attempts, but specific commands for this are not provided in the available resources.
How can this vulnerability impact me? :
The vulnerability can lead to a man-in-the-middle attack where an attacker intercepts and alters the communication between your server and remote endpoints.
- Exposure of sensitive data such as API keys or session tokens.
- Potential unauthorized access or manipulation of data transmitted over HTTPS.
- Compromise of the integrity and confidentiality of outbound HTTPS requests.
Can you explain this vulnerability to me?
This vulnerability exists in Open ISES Tickets versions before 3.44.2, specifically in the file incs/functions.inc.php. It disables TLS certificate verification for outbound HTTPS requests by setting CURLOPT_SSL_VERIFYPEER to false and not setting CURLOPT_SSL_VERIFYHOST. This improper certificate validation allows an attacker positioned on the network path to present a forged certificate.
As a result, the attacker can intercept, monitor, or modify the HTTPS requests and responses, potentially exposing sensitive data such as API keys or session tokens that are transmitted.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is caused by disabled TLS certificate verification in Open ISES Tickets versions prior to 3.44.2. The immediate step to mitigate this vulnerability is to update Open ISES Tickets to version 3.44.2 or later, where the issue has been fixed.