CVE-2021-38161
HIGH8.1EPSS 1.2%Published: 11/3/2021Modified: 4/28/2026
Description
Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.
Affected packages (1)
- Debian/trafficserverfrom 0, < 8.1.1+ds-1.1+deb11u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.1 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |