Description
Traefik is an open source HTTP reverse proxy and load balancer. In affected versions there is a potential vulnerability in how Traefik manages TLS connections. A router configured with a malformed TLSOption is exposed with an empty TLSOption. For instance, a route secured using an mTLS connection set with a wrong CA file is exposed without verifying the client certificates. Users are advised to upgrade to version 2.9.6. Users unable to upgrade should check their logs to detect the error messages and fix their TLS options.
References
- Product, Vendor Advisory
- Patch, Third Party Advisory
- Release Notes, Third Party Advisory
- Mitigation, Patch, Third Party Advisory
Vulnerable configurations
Configuration 1: versions before 2.9.6 (exclusive)
cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*
EPSS: 0.00404 (Low), percentile: 60%
CVSS3: 8.1 High
CVSS3: 6.5 Medium
Weaknesses
CWE-295
Related vulnerabilities
CVSS3: 8.1
debian
about 3 years ago
Traefik is an open source HTTP reverse proxy and load balancer. In aff ...