Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 12:40 a.m.11 views

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

9.1CVSS7.1AI score0.00545EPSS
Exploits0References1
NVD
NVD
added 2024/07/03 6:15 a.m.21 views

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

9.1CVSS0.00545EPSS
Exploits0References1
CVE
CVE
added 2024/07/03 6:8 a.m.105 views

CVE-2024-37082

CVE-2024-37082 affects Cloud Foundry when deployed with the haproxy-boshrelease and non-default configuration, allowing HTTP requests to bypass mTLS against CF applications if route-services are enabled and ha_proxy.forwarded_client_cert is set to forward_only_if_route_service. Affected setup: Ro...

9.1CVSS9.2AI score0.00545EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/07/03 6:8 a.m.27 views

CVE-2024-37082

When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications. You are affected if you have route-services enabled in routing-release and have...

9.1CVSS6.7AI score0.00545EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2024/06/24 12:0 a.m.26 views

CVE-2024-37082 - mTLS bypass | Cloud Foundry

Severity CRITICAL Vendor CloudFoundry Foundation Versions Affected Routing Release 10.6.0 Description When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud...

9.1CVSS9.3AI score0.00545EPSS
Exploits0
Rows per page
Query Builder