CVE-2014-3616

MEDIUM severity · CVSS 4.3 · CWE-613

4.3CVSS MEDIUM

Summary

nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks.

Impact & exploitability

Attack vectorNetwork

Attack complexity—

Privileges required—

User interaction—

Confidentiality impactNone

Integrity impact—

Availability impactNone

Exploit probability (EPSS)2%

AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected products we track (2)

Nginx Debian

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information

NVD record
http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.htmlAdvisory
http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.htmlAdvisory
http://www.debian.org/security/2014/dsa-3029Advisory
http://www.debian.org/security/2014/dsa-3029Advisory