CVE-2021-21335 – In the SPNEGO HTTP Authentication Module for nginx (spnego-http-auth-nginx-module) before …

8 March 2021

Vuln ID: CVE-2021-21335

Published: 2021-03-08 21:15:16Z

Description: In the SPNEGO HTTP Authentication Module for nginx (spnego-http-auth-nginx-module) before version 1.1.1 basic Authentication can be bypassed using a malformed username. This affects users of spnego-http-auth-nginx-module that have enabled basic authentication. This is fixed in version 1.1.1 of spnego-http-auth-nginx-module. As a workaround, one may disable basic authentication.

Source: NVD.NIST.GOV

Date:

8 March 2021

Categorie(s):

NVD

Tag(s):

NVD

Entrust protects users against fraud, phishing and other account takeover attacks23 April 2024
New Oleria service aims to tackle modern identity challenges in cybersecurity23 April 2024
Passwords, passkeys and familiarity bias23 April 2024
Netwrix 1Secure enhancements accelerate threat detection23 April 2024
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories23 April 2024