CVE-2025-23419: When multiple server blocks are configured to share the same IP address and port, an attacker can...

CVSS Score: 4.3 (CVSS 3.1)

Basic Information

EPSS Score: 0.47532%
Published: 2/5/2025
Updated: 2/5/2025
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The provided information and fetched URL contents describe the vulnerability (CVE-2025-23419) in Nginx, which relates to TLS session resumption and client certificate bypass. However, no specific commit information, code patches, or diffs were available. Without this code-level evidence, it is not possible to identify the exact vulnerable functions or their file paths, or to provide patch evidence with the required precision. The vulnerability likely resides in Nginx's SSL handling modules, particularly the code behind the session cache (ssl_session_cache) and session ticket (ssl_session_ticket_key) directives as it interacts with client certificate authentication for TLSv1.3, but specific function names cannot be determined from the available data.
