VDB

CLEANSTART-2026-AF45008

CLEANSTART-2026-AF45008 PUBLISHED CVSS 9.800000190734863 CRITICAL

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
CleanStartnginx0

Timeline

  • Apr 21, 2026 CVE Published
  • Apr 23, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›