In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions.
References
Configurations
History
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
06 Jun 2021, 11:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (MLIST) https://lists.apache.org/thread.html/2d6bd429a0ba9af1580da896575cfca6e42bb05e7536562d4b095fcf@%3Ccvs.httpd.apache.org%3E - Mailing List, Exploit, Vendor Advisory |
30 Mar 2021, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2019-04-08 20:29
Updated : 2023-12-10 12:59
NVD link : CVE-2019-0215
Mitre link : CVE-2019-0215
CVE.ORG link : CVE-2019-0215
JSON object : View
Products Affected
apache
- http_server
fedoraproject
- fedora
CWE