When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications.  You are affected if you have route-services enabled in routing-release and have configured the haproxy-boshrelease property “ha_proxy.forwarded_client_cert” to “forward_only_if_route_service”.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: vmware

Published: 2024-07-03T06:08:46.299Z

Updated: 2024-08-02T03:43:51.046Z

Reserved: 2024-06-03T05:40:17.631Z

Link: CVE-2024-37082

cve-icon Vulnrichment

Updated: 2024-08-02T03:43:51.046Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-07-03T06:15:03.633

Modified: 2024-11-21T09:23:09.607

Link: CVE-2024-37082

cve-icon Redhat

No data.