{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T01:55:43.009","vulnerabilities":[{"cve":{"id":"CVE-2025-23419","sourceIdentifier":"f5sirt@f5.com","published":"2025-02-05T18:15:33.347","lastModified":"2026-01-27T13:30:41.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when  TLS Session Tickets https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key  are used and/or the  SSL session cache https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache  are used in the default server and the default server is performing client certificate authentication.  \n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."},{"lang":"es","value":"Cuando se configuran varios bloques de servidores para compartir la misma dirección IP y puerto, un atacante puede usar la reanudación de sesión para eludir los requisitos de autenticación de certificados de cliente en estos servidores. Esta vulnerabilidad surge cuando se utilizan tickets de sesión TLS https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key y/o se utiliza la caché de sesión SSL https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache en el servidor predeterminado y este está realizando la autenticación de certificados de cliente. Nota: Las versiones de software que han llegado al final del soporte técnico (EoTS) no se evalúan."}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","versionStartIncluding":"1.11.4","versionEndExcluding":"1.26.3","matchCriteriaId":"90E7462C-FF90-4463-BB1C-8B9BC94FFA54"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","versionStartIncluding":"1.27.0","versionEndExcluding":"1.27.4","matchCriteriaId":"34709BDE-C5EF-4D44-8BDC-0791B6A15E5E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"r28","versionEndExcluding":"r32","matchCriteriaId":"684EDE01-D672-43C3-A447-BECB6C5D2033"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:-:*:*:*:*:*:*","matchCriteriaId":"36C4308E-651E-437C-84E7-10C542E3ADC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*","matchCriteriaId":"FA913184-EAAD-409E-99C6-AB979DAA93F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:-:*:*:*:*:*:*","matchCriteriaId":"514B0A2A-E2FD-4DB7-B5B8-5C59F1D60AD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*","matchCriteriaId":"46DC49B8-7286-4867-9CDA-1C1B469CD304"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000149173","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2025/02/05/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/03/msg00017.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}