Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-23048

Опубликовано: 10 июл. 2025
Источник: debian

Описание

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
apache2fixed2.4.64-1package
apache2no-dsabookwormpackage

Примечания

  • https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2025-23048

  • Fixed by: https://github.com/apache/httpd/commit/c4cfa50c9068e8b8134c530ab21674e77d1278a2

  • possible regression for misconfigured load balancer

  • NEWS: https://salsa.debian.org/apache-team/apache2/-/blob/0874e522244079e8436b576ac7ae0527f2ce97f1/debian/apache2.NEWS

Связанные уязвимости

ubuntu логотип

CVE-2025-23048

CVSS3: 9.1
ubuntu
около 1 месяца назад

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

redhat логотип

CVE-2025-23048

CVSS3: 7.5
redhat
около 1 месяца назад

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

nvd логотип

CVE-2025-23048

CVSS3: 9.1
nvd
около 1 месяца назад

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configurations are affected when mod_ssl is configured for multiple virtual hosts, with each restricted to a different set of trusted client certificates (for example with a different SSLCACertificateFile/Path setting). In such a case, a client trusted to access one virtual host may be able to access another virtual host, if SSLStrictSNIVHostCheck is not enabled in either virtual host.

msrc логотип

CVE-2025-23048

CVSS3: 9.1
msrc
около 1 месяца назад

Описание отсутствует

redos логотип

ROS-20250724-11

CVSS3: 9.1
redos
29 дней назад

Уязвимость httpd