Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.
“The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*),” the web infrastructureRead More
Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers [email protected] (The Hacker News)
by
Tags: