Infinispan / ISPN-15069

CVE-2023-4586 Hot Rod client does not enable hostname validation when using TLS, which leads to a MITM attack

Details

    Description

      Currently the Hot Rod client has a single SNI configuration that is used for all clusters. We should be able to configure per-cluster SNI.
      Also, if SNI hasn't been explicitly configured, we should be setting it to the topology hostname in the SSL parameters.

          People

            ttarrant@redhat.com Tristan Tarrant
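The behaviour the description asks for, sketched with the standard JSSE API as an added example (not Infinispan's code or its fix): hostname validation is switched on, and SNI defaults to the topology hostname unless a per-cluster value is set. The class `ClusterTlsExample`, its method names, the cluster names and the host names are hypothetical.

```java
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import java.util.List;
import java.util.Map;

// Hypothetical helper for illustration; not Infinispan code.
public final class ClusterTlsExample {
    private final SSLContext context;
    // Hypothetical per-cluster SNI overrides: cluster name -> SNI host name.
    private final Map<String, String> sniByCluster;

    public ClusterTlsExample(SSLContext context, Map<String, String> sniByCluster) {
        this.context = context;
        this.sniByCluster = Map.copyOf(sniByCluster);
    }

    // Builds a client-mode engine for one server taken from the topology.
    public SSLEngine engineFor(String cluster, String topologyHost, int port) {
        // The peer host given here is the name the certificate is checked against.
        SSLEngine engine = context.createSSLEngine(topologyHost, port);
        engine.setUseClientMode(true);
        SSLParameters params = engine.getSSLParameters();
        // Without this, JSSE validates the chain but not the host name, so any
        // certificate chaining to a trusted CA is accepted for any server.
        params.setEndpointIdentificationAlgorithm("HTTPS");
        // Explicit per-cluster SNI wins; otherwise fall back to the topology host.
        String sni = sniByCluster.getOrDefault(cluster, topologyHost);
        if (!isIpLiteral(sni)) {
            params.setServerNames(List.of(new SNIHostName(sni)));
        }
        engine.setSSLParameters(params);
        return engine;
    }

    // SNI carries DNS names only (RFC 6066), so IP literals are skipped.
    private static boolean isIpLiteral(String host) {
        return host.indexOf(':') >= 0 || host.matches("\\d{1,3}(\\.\\d{1,3}){3}");
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values: cluster names, host names and port.
        ClusterTlsExample tls = new ClusterTlsExample(SSLContext.getDefault(),
                Map.of("site-b", "site-b.example.com"));
        SSLParameters p = tls.engineFor("site-a", "node1.example.com", 11222).getSSLParameters();
        System.out.println(p.getEndpointIdentificationAlgorithm() + " " + p.getServerNames());
    }
}
```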