SSL.com TLS Certificate Misissuance Vulnerability via Domain Validation Method Bypass

Vulnerability

A vulnerability exists in SSL.com that allows for the misissuance of TLS certificates through a bypass of the domain validation process. This issue arises when using the 'Email to DNS TXT Contact' validation method, as specified in the SSL.com Certificate Policy/Certification Practice Statement (CP/CPS). The vulnerability enables the issuance of a certificate for a domain name associated with the requester's email address, without requiring the requester to demonstrate actual administrative control over that domain. This flaw was introduced by an architectural change that incorrectly linked domain validation to the email domain of the approver, rather than the requested domain. As a result, certificates were issued for domains not under the subscriber's control, including major email providers and large enterprises.

Impact

The vulnerability led to the incorrect issuance of TLS certificates for domains not controlled by the requester, allowing for potential man-in-the-middle attacks or the impersonation of legitimate websites.

Reproduction

To reproduce this vulnerability, request a TLS certificate from SSL.com using the 'Email to DNS TXT Contact' validation method. Select an email address from a domain that is not under your control. SSL.com will issue a certificate for that domain, bypassing the validation process.

Remediation

SSL.com has disabled the 'Email to DNS TXT Contact' validation method, revoked the misissued certificates, and implemented a patch to correct the validation process. The company is also expanding its test coverage to include scenarios where the email domain differs from the validated domain.
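As an added illustration (not SSL.com's code), the following Python model contrasts the flawed domain binding described under Vulnerability with a corrected one, and includes the regression case named in the remediation (approver email domain differing from the validated domain). The TXT record name and the DNS contents are assumptions.

```python
# Added example (not SSL.com's code): a model of the "Email to DNS TXT Contact"
# authorisation step. The flawed variant binds the validation result to the
# approver's email domain; the fixed variant binds it to the requested domain.
from typing import Dict, List, Optional

# Constructed stand-in for DNS. Keyed by the domain being validated; the value
# is the contact list found in its TXT record. The record name
# "_validation-contactemail" is an assumption, not something the page states.
TXT_CONTACT_RECORDS: Dict[str, List[str]] = {
    "example.com": ["admin@example.com", "dns-ops@mailprovider.test"],
}


def lookup_txt_contacts(domain: str) -> List[str]:
    """Read the contact addresses published under the domain's TXT record."""
    return [c.lower() for c in TXT_CONTACT_RECORDS.get(domain.lower(), [])]


def email_domain(address: str) -> str:
    return address.rsplit("@", 1)[1].lower()


def flawed_validated_domain(requested: str, approver: str) -> Optional[str]:
    """Pre-fix behaviour as the page describes it: the approver is checked
    against the requested domain's TXT record, but the domain marked as
    validated is then taken from the approver's email address."""
    if approver.lower() not in lookup_txt_contacts(requested):
        return None
    return email_domain(approver)  # wrong binding: mailbox domain, not requested


def fixed_validated_domain(requested: str, approver: str) -> Optional[str]:
    """Corrected behaviour: the approver must be listed in the requested
    domain's own TXT record, and only that requested domain becomes validated,
    whatever domain the approver's mailbox happens to live at."""
    if approver.lower() not in lookup_txt_contacts(requested):
        return None
    return requested.lower()


def regression_case() -> dict:
    """The scenario the remediation says test coverage must include: the
    approver's email domain differs from the domain being validated."""
    requested, approver = "example.com", "dns-ops@mailprovider.test"
    return {
        "flawed": flawed_validated_domain(requested, approver),
        "fixed": fixed_validated_domain(requested, approver),
        "unlisted": fixed_validated_domain(requested, "nobody@example.com"),
    }
```

In the regression case the flawed check marks mailprovider.test as validated even though the requester only proved control of example.com's TXT record; the fixed check validates example.com and rejects an approver address that the record does not list.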

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 0.0
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.