Описание
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
Ссылки
- Release Notes
- Vendor Advisory
- Release Notes
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 5.3.0 (включая) до 5.9.12 (исключая)
cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.1093
Средний
9.8 Critical
CVSS3
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 1 года назад
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message.
CVSS3: 9.8
debian
больше 1 года назад
strongSwan before 5.9.12 has a buffer overflow and possible unauthenti ...
EPSS
Процентиль: 93%
0.1093
Средний
9.8 Critical
CVSS3
Дефекты
CWE-120