CVE-2021-38161
published 2021-11-03CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | traffic_server | 8.0.0 – 8.0.8 | — |
| apache_software_foundation | apache_traffic_server | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | trafficserver | < trafficserver 9.1.0+ds-1 (bookworm) | trafficserver 9.1.0+ds-1 (bookworm) |
CVSS provenance
nvdv3.18.1HIGHCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
osv8.1HIGH