CVE-2018-21246

CVE-2018-21246

EPSS 2.7%

Caddy before 0.10.13 mishandles TLS client authentication, as demonstrated by an authentication bypass caused by the lack of the StrictHostMatching mode.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugs.gentoo.org/715214 https://github.com/caddyserver/caddy/releases/tag/v0.10.13