CVE-2011-4968 | SynScan

Vulnerability Database

289,598

Total vulnerabilities in the database

CVE-2011-4968

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Published: Nov 19, 2019
Updated: Apr 13, 2023
CVE: CVE-2011-4968
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.8
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
f5 / nginx	0.7.65	0.7.65.x
f5 / nginx	0.7.66	0.7.66.x
f5 / nginx	0.7.64	0.7.64.x
f5 / nginx	0.7.61	0.7.61.x
f5 / nginx	0.7.62	0.7.62.x
f5 / nginx	0.8.33	0.8.33.x
f5 / nginx	0.8.40	0.8.40.x
f5 / nginx	0.8.35	0.8.35.x
f5 / nginx	0.8.36	0.8.36.x
f5 / nginx	1.2.6	1.2.6.x
debian / debian_linux	8.0	8.0.x