Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2015-4171

Опубликовано: 10 июн. 2015
Источник: nvd
CVSS2: 2.6
EPSS Низкий

Описание

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:strongswan:strongswan_vpn_client:*:*:*:*:*:android:*:*
Версия до 1.4.5 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:strongswan:strongswan:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.4:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01012
Низкий

2.6 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2015-4171

ubuntu
больше 10 лет назад

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

redhat логотип

CVE-2015-4171

redhat
больше 10 лет назад

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

debian логотип

CVE-2015-4171

debian
больше 10 лет назад

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client be ...

suse-cvrf логотип

SUSE-SU-2015:1791-1

suse-cvrf
больше 10 лет назад

Security update for strongswan

suse-cvrf логотип

SUSE-SU-2015:1196-1

suse-cvrf
больше 10 лет назад

Security update for strongswan

EPSS

Процентиль: 77%
0.01012
Низкий

2.6 Low

CVSS2

Дефекты

CWE-200