Lucene search
+L

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-22991

Malware in sbrugna...

4.3CVSS4.7AI score0.00738EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:42 p.m.4 views

CVE-2021-36371

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

4.3CVSS6.8AI score0.00738EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/13 12:0 a.m.4 views

Emissary-Ingress Trust Management Issues Vulnerability

Emissary-Ingress is an open source, Kubernetes-native API gateway for microservices built with Envoy agents. Emissary-Ingress suffers from a trust management issue vulnerability that can be exploited by an attacker to bypass client certificate requirements on the back-end upstream...

4.3CVSS6.8AI score0.00738EPSS
Exploits1References1
NVD
NVD
added 2021/07/09 9:15 p.m.22 views

CVE-2021-36371

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

4.3CVSS0.00738EPSS
Exploits1References2
OSV
OSV
added 2021/07/09 9:15 p.m.11 views

CVE-2021-36371

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

3.7CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2021/07/09 9:15 p.m.12 views

Design/Logic Flaw

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

4.3CVSS4.3AI score0.00738EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/07/09 9:15 p.m.2 views

CVE-2021-36371

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

4.3CVSS5.5AI score0.00738EPSS
Exploits1References3
CVE
CVE
added 2021/07/09 8:19 p.m.81 views

CVE-2021-36371

CVE-2021-36371 is reported for Emissary-Ingress (formerly Ambassador API Gateway). The vulnerability allows bypassing client certificate requirements (mTLS cert_required) on backend upstreams when more than one TLSContext exists and any configuration does not require client cert authentication. T...

4.3CVSS4.3AI score0.00738EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/07/09 8:19 p.m.18 views

CVE-2021-36371

Emissary-Ingress formerly Ambassador API Gateway through 1.13.9 allows attackers to bypass client certificate requirements i.e., mTLS certrequired on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate...

4.6AI score0.00738EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/07/09 12:0 a.m.4 views

Emissary-Ingress 信任管理问题漏洞

Emissary-Ingress is an open source, Kubernetes-native API gateway for microservices built with Envoy agents. Emissary-Ingress suffers from a trust management issue vulnerability that can be exploited by an attacker to bypass client certificate requirements on the back-end upstream...

4.3CVSS5.8AI score0.00738EPSS
Exploits1References2
Rows per page
Query Builder