7.5
CVE-2026-46579
- EPSS 0.23%
- Veröffentlicht 29.05.2026 09:50:44
- Zuletzt bearbeitet 30.06.2026 03:20:22
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend
A flaw was found in the OpenShift Router. When a Route has `insecureEdgeTerminationPolicy` set to Allow, the HTTP frontend does not remove `X-SSL-Client-*` headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted `X-SSL-Client-*` headers. As a result, backends relying on these headers for mutual TLS (Transport Layer Security) authentication can be bypassed, enabling the attacker to impersonate client certificate identities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Openshift Router Version-
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.137 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
| secalert@redhat.com | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
| 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | 7.4 | 2.2 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
https://access.redhat.com/security/cve/CVE-2026-46579
https://bugzilla.redhat.com/show_bug.cgi?id=2483181
https://access.redhat.com/errata/RHSA-2026:27044
https://access.redhat.com/errata/RHSA-2026:27063
https://access.redhat.com/errata/RHSA-2026:27009
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46579.json