VYPR
Unrated severityNVD Advisory· Published Nov 3, 2021· Updated Aug 4, 2024

Not validating origin TLS certificate

CVE-2021-38161

Description

Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.

Affected products

2
  • Apache/Traffic Serverllm-fuzzy2 versions
    >=8.0.0 <=8.0.8+ 1 more
    • (no CPE)range: >=8.0.0 <=8.0.8
    • (no CPE)range: 8.0.0 to 8.0.8

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.