Unrated severityNVD Advisory· Published May 14, 2015· Updated Jun 17, 2026
CVE-2015-3644
CVE-2015-3644
Description
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*+ 14 more
- cpe:2.3:a:stunnel:stunnel:5.00:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.01:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.02:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.03:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.04:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.05:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.06:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.07:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.08:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.09:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.10:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.11:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.12:*:*:*:*:*:*:*
- cpe:2.3:a:stunnel:stunnel:5.13:*:*:*:*:*:*:*
- (no CPE)range: >=5.00, <=5.13
- osv-coords3 versionspkg:rpm/opensuse/stunnel&distro=openSUSE%20Tumbleweedpkg:rpm/suse/stunnel&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/stunnel&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012
< 5.65-1.1+ 2 more
- (no CPE)range: < 5.65-1.1
- (no CPE)range: < 5.00-3.1
- (no CPE)range: < 5.00-3.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.