2 matches found
CVE-2025-66001
NeuVector supports login authentication through OpenID Connect. However, the TLS verification which verifies the remote server's authenticity and integrity for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle MITM attacks...
CVE-2025-66001
NeuVector’s CVE-2025-66001 involves OpenID Connect authentication where TLS verification is not enforced by default, enabling potential MITM attacks. Affected context includes NeuVector’s OpenID Connect integration and related connection types (registry, auth servers, webhooks) where TLS verifica...