CVE-2024-1052

Boundary and Boundary Enterprise are affected by CVE-2024-1052: session hijacking via TLS certificate tampering. The issue occurs when an attacker who can enumerate active/pending sessions, obtain a session private key, and possess a valid TOFU token can craft a TLS certificate to hijack an activ...