CVE-2022-23632
The Silent Fallback: Bypassing Traefik mTLS with CVE-2022-23632
Amit Schendel, Senior Security Researcher
Jan 12, 2026 · 6 min read
PoC Available
Executive Summary (TL;DR)
Traefik versions prior to 2.6.1 fail to apply specific TLS configurations (like mTLS enforcement) when handling certain FQDN requests. The system defaults to the global TLS config, which is often less secure. If your default config doesn't require client certificates, an attacker can bypass authentication entirely by simply asking nicely.
A logic flaw in Traefik's TLS configuration selection allows attackers to bypass router-specific security settings, including Mutual TLS (mTLS) requirements, by forcing a fallback to the default configuration.
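To make the fallback concrete, here is an added Traefik v2 dynamic-configuration example (file provider); it is not code from the advisory or from Traefik, and the hostname, CA path and service URL are assumed. The router pins the `mtls` option, but if Traefik falls back to the `default` option the request is served with whatever `default` requires, so the hardened form gives `default` the same client-certificate requirement. This is defense in depth; upgrading to 2.6.1 is the actual fix.

```yaml
# Added example, not from the advisory. Paths and hostnames are assumptions.
tls:
  options:
    # Hardened: the global "default" option also demands a client cert,
    # so a fallback away from the router-specific option still enforces mTLS.
    default:
      minVersion: VersionTLS12
      clientAuth:
        caFiles:
          - /etc/traefik/certs/client-ca.pem   # assumed path
        clientAuthType: RequireAndVerifyClientCert
    # Router-specific option; identical requirement, kept for explicitness.
    mtls:
      minVersion: VersionTLS12
      clientAuth:
        caFiles:
          - /etc/traefik/certs/client-ca.pem   # assumed path
        clientAuthType: RequireAndVerifyClientCert

# Weak variant of "default" (shown as a comment, do not use):
# the fallback target accepts any client, so the mTLS router
# is only protected as long as the "mtls" option is actually selected.
#   default:
#     minVersion: VersionTLS12

http:
  routers:
    api:
      rule: "Host(`api.example.internal`)"   # assumed hostname
      service: api-svc
      tls:
        options: mtls                        # router-specific option
  services:
    api-svc:
      loadBalancer:
        servers:
          - url: "http://127.0.0.1:8080"     # assumed backend
```

Audit every `tls.options.default` block with this in mind: it is the option every TLS router inherits when its own option is not applied, so it should be no weaker than the strictest router it might stand in for.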
Technical Appendix
CVSS Score: 7.4 / 10
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Probability: 0.56% (top 32% most exploited)
Affected Systems
Traefik < 2.6.1
Oracle Communications Unified Inventory Management 7.5.0
Oracle Communications Order and Service Management 7.4.0
Oracle Communications Order and Service Management 7.4.1
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| Traefik (Traefik Labs) | < 2.6.1 | 2.6.1 |
| Unified Inventory Management (Oracle) | 7.5.0 | See Vendor Advisory |
| Attribute | Detail |
|---|---|
| Attack Vector | Network (AV:N) |
| CVSS v3.1 | 7.4 (High) |
| Impact | Security Bypass / Info Disclosure |
| EPSS Score | 0.56% |
| Exploit Status | PoC Available |
| KEV Status | Not Listed |
MITRE CWE Mapping
CWE-295: Improper Certificate Validation
Improper Validation of Certificate with Host Mismatch
Vulnerability Timeline
| Event | Date |
|---|---|
| Vulnerability Disclosed & Patch Prepared | 2022-02-14 |
| Traefik v2.6.1 Released (Fix) | 2022-02-17 |
| CVE-2022-23632 Published | 2022-02-17 |
| Oracle Advisory (July CPU) | 2022-07-19 |