3 matches found
CVE-2019-20894
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...
CVE-2019-20894
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERRBADSSLCLIENTAUTHCERT should have occurred...
CVE-2019-20894
CVE-2019-20894 : Traefik 2.x can allow HTTPS sessions to proceed without mutual TLS verification in certain configurations, where an ERR_BAD_SSL_CLIENT_AUTH_CERT would be expected. This describes a gap in mutual TLS authentication that could expose confidentiality to a man-in-the-middle. The prov...