Red Hat: CVE-2021-20230: (Multiple Advisories)
Severity:
CVSS:
Published:
Created:
Added:
Modified:
Description:
A flaw was found in stunnel, where it improperly validates client certificates when it is configured to use both redirect and verifyChain options. This flaw allows an attacker with a certificate signed by a Certificate Authority, which is not the one accepted by the stunnel server, to access the tunneled service instead of being redirected to the address specified in the redirect option. The highest threat from this vulnerability is to confidentiality.'
Solution(s)
- redhat-upgrade-stunnel
- redhat-upgrade-stunnel-debuginfo
- redhat-upgrade-stunnel-debugsource
Reference(s)
- CVE-2021-20230
- RHSA-2021:0618
- RHSA-2021:0619
- RHSA-2021:0620
OTHER SERVICES
Consulting Services
We help your team successfully protect your company within your budget.
LEARN MOREApplication Security Services
Achieve more-secure applications, compliant environments, and safer systems development with streamlined and repeatable processes.
LEARN MOREData Security Services
Protectyour critical data across multiple environments, meet privacy regulations and simplify operational complexity.
LEARN MORECloud Security Testing Services
Identify cloud vulnerabilities that tools alone cannot find.
LEARN MORESecurity Risk Services
Secure your operations and respond to threats with accuracy and speed.
LEARN MORECloud Security Monitoring Services
Real-time threat detection across your cloud deployments.
LEARN MORE