Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider
Vulnerability Description
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" (intending to enable backend TLS certificate verification) actually disables verification, allowing man-in-the-middle attacks against HTTPS backends when operators believe they are protected. This issue is fixed in version 3.6.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
证书验证不恰当
Vulnerability Title
Traefik 安全漏洞
Vulnerability Description
Traefik是Traefik开源的一款开源的反向代理与负载均衡工具。 Traefik 3.5.0版本至3.6.2版本存在安全漏洞,该漏洞源于TLS验证逻辑反转,可能导致中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A