CVE-2021-38161

high

Description

Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.

References

https://www.debian.org/security/2022/dsa-5153

https://lists.apache.org/thread/k01797hyncx53659wr3o72s5cvkc3164

Details

Source: Mitre, NVD

Published: 2021-11-03

Updated: 2022-10-25

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: High

Detections

Analytics