
CVE-2021-3618: F5 Nginx Auth Bypass Vulnerability

CVE-2021-3618 is an authentication bypass vulnerability in F5 NGINX involving ALPACA attacks, which exploit TLS certificate confusion between services that share a certificate. A man-in-the-middle (MiTM) attacker can redirect a victim's TLS connection for one subdomain to a different service that presents a compatible certificate.

Published: March 4, 2026

CVE-2021-3618 Overview

CVE-2021-3618 is known as the ALPACA (Application Layer Protocol Content Confusion Attack) vulnerability, a sophisticated attack that exploits TLS servers implementing different protocols while using compatible certificates, such as multi-domain or wildcard certificates. A Man-in-the-Middle (MiTM) attacker with access to victim traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This effectively breaks the authentication guarantees of TLS and enables cross-protocol attacks where the behavior of one protocol service may compromise another at the application layer.

Critical Impact

This vulnerability undermines TLS authentication, enabling attackers to perform cross-protocol attacks that can lead to unauthorized data access and compromise of secure communications across multiple services sharing certificates.

Affected Products

  • F5 NGINX
  • Sendmail
  • vsftpd
  • Fedora 33, 34, 35
  • Debian Linux 10.0

Discovery Timeline

  • 2022-03-23 - CVE-2021-3618 published to NVD
  • 2024-11-21 - Last updated in NVD database

Technical Details for CVE-2021-3618

Vulnerability Analysis

The ALPACA attack exploits a fundamental weakness in how TLS certificates are shared across different protocol services. When organizations deploy wildcard certificates (e.g., *.example.com) or multi-domain certificates across services running different application layer protocols (HTTP, FTP, SMTP, etc.), an attacker positioned in the network path can exploit this configuration.

The attack leverages the fact that TLS authenticates the server but does not bind the encrypted channel to a specific application protocol. This means that a valid TLS handshake with ftp.example.com using a wildcard certificate is cryptographically indistinguishable from a handshake with www.example.com if both use the same certificate.

This vulnerability is classified under CWE-295 (Improper Certificate Validation), as the issue stems from how certificates are validated and trusted across protocol boundaries.

Root Cause

The root cause of ALPACA lies in the design assumption that TLS certificate validation alone provides sufficient protection against cross-protocol attacks. When multiple services (HTTPS, FTPS, SMTPS, etc.) share compatible certificates, there is no mechanism within TLS to prevent an attacker from redirecting traffic intended for one protocol to a server running a different protocol.

The vulnerability exists because:

  • TLS does not enforce application layer protocol binding
  • Wildcard and multi-domain certificates are widely deployed across heterogeneous services
  • Application protocols have different security properties and behaviors that can be exploited when confused

Attack Vector

The attack requires network-level access to redirect TCP connections. An attacker performs a MiTM attack at the TCP/IP layer to redirect a victim's TLS connection from the intended server to a different server that shares a compatible certificate but runs a different application protocol.

The attack proceeds as follows:

  1. Positioning: Attacker gains network position allowing TCP traffic manipulation (ARP spoofing, BGP hijacking, rogue access point, etc.)
  2. Interception: Victim initiates TLS connection to legitimate service (e.g., HTTPS on www.example.com)
  3. Redirection: Attacker redirects TCP connection to different service (e.g., FTP on ftp.example.com) sharing the same certificate
  4. Protocol Confusion: The TLS handshake succeeds because both services use compatible certificates
  5. Exploitation: Attacker exploits differences in protocol behavior to extract sensitive data or inject malicious content

For more technical details, see the ALPACA Attack research page.

Detection Methods for CVE-2021-3618

Indicators of Compromise

  • Unexpected protocol negotiation errors in server logs indicating protocol confusion attempts
  • TLS connections terminating at unexpected services (e.g., FTP server receiving HTTPS traffic)
  • Anomalous traffic patterns showing connections redirected between protocol ports on related subdomains

Detection Strategies

  • Monitor for ALPN (Application-Layer Protocol Negotiation) mismatches in TLS handshakes
  • Implement network flow analysis to detect cross-service TCP redirection attempts
  • Review TLS certificate deployments to identify services sharing wildcard or multi-domain certificates
  • Enable detailed TLS handshake logging on all affected services

Monitoring Recommendations

  • Deploy network intrusion detection systems with rules for detecting TLS MiTM attack patterns
  • Configure alerts for certificate validation anomalies across services
  • Monitor for unexpected service-to-service traffic flows that could indicate exploitation attempts

How to Mitigate CVE-2021-3618

Immediate Actions Required

  • Enable Application-Layer Protocol Negotiation (ALPN) and enforce strict protocol matching on all TLS services
  • Review and segment certificate deployments to minimize certificate sharing across different protocols
  • Implement network segmentation to limit attacker positioning opportunities
  • Update affected software to versions that implement ALPN enforcement

Patch Information

Vendors have released updates addressing ALPACA through improved ALPN handling and protocol validation:

  • F5 NGINX: Apply updates that enable and enforce ALPN protocol verification
  • Sendmail: Update to patched versions implementing ALPN support
  • vsftpd: Update to versions with ALPN enforcement capabilities

For detailed patch information, consult the Red Hat Bug Report #1975623 and the Debian LTS Announcement.

Workarounds

  • Deploy separate certificates for each service/protocol rather than using wildcard certificates across multiple protocols
  • Configure firewalls to strictly control traffic flows between services on different ports
  • Enable ALPN on all TLS-capable services even if patches are pending
  • Consider network-level protections against MiTM attacks such as DNSSEC and strict ARP monitoring
```nginx
# Configuration example - enforce ALPN in NGINX
# ssl_alpn belongs to the stream module (ngx_stream_ssl_module, NGINX 1.21.4+)
# and goes inside a stream { server { ... } } block.
# The http module in NGINX 1.21.4+ rejects TLS handshakes whose ALPN list
# contains no HTTP protocol on its own, without a directive.
ssl_alpn http/1.1;

# For FTP services, ensure separate certificates are used
# or implement strict ALPN validation in vsftpd
```

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Vulnerability Details

  • Type: Auth Bypass
  • Vendor/Tech: F5 Nginx
  • Severity: HIGH
  • CVSS Score: 7.4
  • EPSS Probability: 0.32%
  • Known Exploited: No
  • CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Impact Assessment

  • Confidentiality: High
  • Integrity: None
  • Availability: None

CWE References

  • CWE-295

Technical References

  • Alpaca Attack Resource
  • Debian LTS Announcement

Vendor Resources

  • Red Hat Bug Report #1975623

Related CVEs

  • CVE-2025-23419: F5 Nginx Auth Bypass Vulnerability