F5 has warned of a vulnerability in NGINX, a widely used web server software. The issue, known as CVE-2025-23419, could let attackers bypass client certificate authentication and gain unauthorized access to sensitive resources. When name-based virtual hosts are configured to share the same IP address and port combination, with TLS 1.3 and OpenSSL, a previously … Continue reading (CVE-2025-23419)
F5 Warns of TLS Session Resumption Vulnerability in NGINX