Security Advisory

CVE-2021-32919

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published: 2021-05-13 15:12:19
Last updated: 2024-08-03 23:33:55
Assigner: mitre
State: PUBLISHED

Description

An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another server (when this option is enabled).
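A configuration audit for the condition described above, as an added example (not part of the advisory or of Prosody's own code): it reports where dialback_without_dialback is switched on in a Prosody configuration and whether the running version is older than 0.11.9. The sample configuration, host names and function names are constructed for illustration, and the check assumes the usual Lua configuration syntax with VirtualHost and Component sections.

```python
import re

OPTION = "dialback_without_dialback"   # option named in the advisory
FIXED = (0, 11, 9)                     # advisory: affected "before 0.11.9"

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = '''\
-- constructed sample, not a real deployment
modules_enabled = { "dialback"; "tls" }
-- dialback_without_dialback = true
--[[ old test:
dialback_without_dialback = true ]]
VirtualHost "chat.example.org"
    dialback_without_dialback = true
VirtualHost "other.example.org"
    dialback_without_dialback = false
'''

def strip_comments(text):
    """Blank out Lua comments, keeping newlines so line numbers survive.
    Simplification: '--' inside a string literal is treated as a comment."""
    keep_nl = lambda m: "\n" * m.group(0).count("\n")
    text = re.sub(r"--\[(=*)\[.*?\]\1\]", keep_nl, text, flags=re.S)
    return re.sub(r"--[^\n]*", "", text)

def enabled_scopes(config_text):
    """Return [(scope, line_no)] where the option is set to a truthy value."""
    scope, hits = "global", []
    for no, line in enumerate(strip_comments(config_text).splitlines(), 1):
        host = re.match(r"\s*(?:VirtualHost|Component)\s+[\"']([^\"']+)[\"']", line)
        if host:
            scope = host.group(1)
        opt = re.search(r"\b" + OPTION + r"\s*=\s*([^\s;,]+)", line)
        # Conservative assumption: anything but false/nil counts as enabled.
        if opt and opt.group(1) not in ("false", "nil"):
            hits.append((scope, no))
    return hits

def parse_version(s):
    """Turn '0.11.8' or '0.12' into a comparable tuple; None if unparsable."""
    m = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", s)
    return tuple(int(x or 0) for x in m.groups()) if m else None

def assess(config_text, version):
    hits = enabled_scopes(config_text)
    v = parse_version(version)
    affected = v is None or v < FIXED   # unparsable version: assume affected
    return {"enabled_at": hits, "version_affected": affected,
            "exposed": bool(hits) and affected}

if __name__ == "__main__":
    print(assess(SAMPLE, "0.11.8"))
```

A server is reported as exposed only when both conditions from the description hold: the option is enabled somewhere in the configuration and the version is earlier than 0.11.9.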