CVE-2021-20230 – A flaw was found in stunnel before 5.57, where it improperly validates client certificates …

23 February 2021

Vuln ID: CVE-2021-20230

Published: 2021-02-23 17:15:13Z

Description: A flaw was found in stunnel before 5.57, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.

Source: NVD.NIST.GOV

Date:

23 February 2021

Categorie(s):

NVD

Tag(s):

NVD

BEC and Fund Transfer Fraud Top Insurance Claims25 April 2024
Fireblocks expands DeFi suite with threat detection features25 April 2024
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Attack Detections25 April 2024
10 Data Governance Services: What You Need to Know Before You Choose25 April 2024
All You Need To Know About Security And Privacy Score on Quick Heal antivirus25 April 2024