{"uuid": "914ec106-e347-45d1-aab0-7881d842d97d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23419", "type": "seen", "source": "https://t.me/cvedetector/17325", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23419 - Nginx SSL/TLS Session Ticket Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23419 \nPublished : Feb. 5, 2025, 6:15 p.m. | 1\u00a0hour, 56\u00a0minutes ago \nDescription : When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when  TLS Session Tickets   are used and/or the  SSL session cache   are used in the default server and the default server is performing client certificate authentication.\u00a0\u00a0  \n  \nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T21:39:56.000000Z"}