Описание
Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.
EPSS
Процентиль: 14%
0.00047
Низкий
Дефекты
CWE-299
Связанные уязвимости
github
3 месяца назад
Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.
EPSS
Процентиль: 14%
0.00047
Низкий
Дефекты
CWE-299