Unverified Peer Identity in Nginx HTTP Proxy Module: Facilitating Man-in-the-Middle Attacks

Unverified Peer Identity in Nginx HTTP Proxy Module: Facilitating Man-in-the-Middle Attacks

CVE-2011-4968 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Learn more about our Cis Benchmark Audit For Server Software.