Описание
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
Ссылки
- Mailing ListVendor Advisory
- Third Party Advisory
- Mailing ListVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.0.0 (включая) до 8.1.0 (включая)
cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 80%
0.01437
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 8.1
ubuntu
почти 4 года назад
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
CVSS3: 8.1
debian
почти 4 года назад
Improper Authentication vulnerability in TLS origin validation of Apac ...
CVSS3: 8.1
github
почти 4 года назад
Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.
EPSS
Процентиль: 80%
0.01437
Низкий
8.1 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
CWE-287