This weakness describes a case where software uses SSL/TLS connection but fails to properly verify that the certificate is associated withe the hostname.