CVSS2: 2.6 Low (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

EPSS: 0.016 Low
Percentile: 85.8%

The flaw allows remote servers to bypass client certificate validation.
Some attackers may also be able to use valid certificates for one domain
signed by a global Certificate Authority to abuse an unrelated domain.
However, the bug is exploitable only if you have configured Squid to
perform SSL Bumping with the "client-first" or "bump" mode of operation.
Sites that do not use SSL-Bump are not vulnerable.
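
To check whether a given installation meets the exposure condition above, the following added example (not part of the advisory or of Squid) lists every active ssl_bump directive that selects the "client-first" or "bump" mode. The function name and the file paths in the comments are assumptions; pass your own squid.conf and any files it includes.

```shell
#!/bin/sh
# Added example: report ssl_bump directives that use the modes the advisory
# names ("client-first" or "bump"). Commented-out directives are ignored.
#
# Usage (paths are assumptions, adjust to your layout):
#   affected_ssl_bump_lines /etc/squid/squid.conf /etc/squid/conf.d/*.conf
#
# Output: one "file:line: directive" per match.
# Exit status: 0 if at least one match was found, 1 if none.
affected_ssl_bump_lines() {
    awk '
        {
            sub(/#.*/, "")      # strip full-line and trailing comments
        }
        $1 == "ssl_bump" && ($2 == "client-first" || $2 == "bump") {
            $1 = $1             # collapse whitespace for stable output
            printf "%s:%d: %s\n", FILENAME, FNR, $0
            found = 1
        }
        END { exit found ? 0 : 1 }
    ' "$@"
}

# Run directly when config files are given on the command line.
if [ "$#" -gt 0 ]; then
    affected_ssl_bump_lines "$@"
fi
```

An exit status of 1 means no directive selecting either mode was found in the files given; it does not inspect files pulled in by include directives unless they are passed as arguments.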