| ID | CVE-2021-32919 | ||||||
| Sažetak | An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled). | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:M/Au:N/C:P/I:N/A:N | ||||||
| Zadnje važnije ažuriranje | 07-11-2023 - 03:35 | ||||||
| Objavljeno | 13-05-2021 - 16:15 |

