nginx HTTP Proxy Module Vulnerability in Peer Identity Verification
CVE-2011-4968

4.8MEDIUM

Key Information:

Vendor: Nginx
Status: Nginx
Vendor: CVE Published:; 19 November 2019

What is CVE-2011-4968?

The nginx HTTP proxy module has a vulnerability that stems from its failure to authenticate the peer identity of HTTPS origin servers. This oversight exposes the application to potential man-in-the-middle attacks, allowing malicious actors to intercept, modify, or relay information between clients and the server without detection. It is crucial for users of affected nginx versions to implement proper security controls and updates to mitigate this risk.

Affected Version(s)

nginx through 1.6.2

References

https://security-tracker.debian.org/tracker/CVE-2011-4968

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4968

x_refsource_MISC

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-4968

x_refsource_MISC

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 19, 2019
Vulnerability Reserved
Dec 23, 2011

Nginx

What is CVE-2011-4968?

Affected Version(s)

References

CVSS V3.1

Timeline