6.4 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.0%
Stunnel 5.00 through 5.13, when using the redirect option, does not redirect client connections to the expected server after the initial connection, which allows remote attackers to bypass authentication.
www.debian.org/security/2015/dsa-3299
www.securityfocus.com/bid/74659
www.securitytracker.com/id/1032324
www.stunnel.org/CVE-2015-3644.html