Security Advisory

CVE-2020-8660

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-04 21:10:15

Last updated 2024-08-04 10:03:46

Assigner mitre

State PUBLISHED

Description

CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some security restrictions in the process.

← Browse all CVEs View on cve.org ↗