CVE-2011-4968

Summary

nginx http proxy module does not verify peer identity of https origin server which could facilitate man-in-the-middle attack (MITM)

Affected Software

VendorProductVersion RangeStatus
nginxnginxthrough 1.6.2affected

Weaknesses

  • http proxy module does not verify peer identity of https origin server

ADP Enrichment

CVE Program Container

Additional References

References