When deploying Cloud Foundry together with the haproxy-boshrelease and using a non default configuration, it might be possible to craft HTTP requests that bypass mTLS authentication to Cloud Foundry applications.
You are affected if you have route-services enabled in routing-release and have configured the haproxy-boshrelease property “ha_proxy.forwarded_client_cert” to “forward_only_if_route_service”.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: vmware
Published: 2024-07-03T06:08:46.299Z
Updated: 2024-08-02T03:43:51.046Z
Reserved: 2024-06-03T05:40:17.631Z
Link: CVE-2024-37082
Vulnrichment
Updated: 2024-08-02T03:43:51.046Z
NVD
Status : Awaiting Analysis
Published: 2024-07-03T06:15:03.633
Modified: 2024-11-21T09:23:09.607
Link: CVE-2024-37082
Redhat
No data.