Authentication Bypass
NGINX is vulnerable to Authentication Bypass. The vulnerability is due to shared TLS session states due to the use of TLS Session Tickets and/or the SSL session cache in the default server, which performs client certificate authentication. Attackers can use session resumption to bypass...