Apache · Apache Traffic Server · CVE-2021-38161
**Name of the Vulnerable Software and Affected Versions**
Apache Traffic Server versions 8.0.0 through 8.0.8
**Description**
The issue is related to an Improper Authentication vulnerability in the TLS origin verification of Apache Traffic Server, which can be exploited for man-in-the-middle attacks. This allows a remote attacker to intercept and alter communication between the client and server.
**Recommendations**
For Apache Traffic Server versions 8.0.0 through 8.0.8, update to a version outside of this range to resolve the issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.