Количество 8
Количество 8
CVE-2015-4171
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
CVE-2015-4171
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
CVE-2015-4171
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
CVE-2015-4171
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client be ...
SUSE-SU-2015:1791-1
Security update for strongswan
SUSE-SU-2015:1196-1
Security update for strongswan
GHSA-mg6m-fcfp-8xqm
strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.
SUSE-SU-2015:1227-1
Security update for strongswan
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-4171 strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | CVSS2: 2.6 | 1% Низкий | больше 10 лет назад |
 | CVE-2015-4171 strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | CVSS2: 1.4 | 1% Низкий | больше 10 лет назад |
 | CVE-2015-4171 strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | CVSS2: 2.6 | 1% Низкий | больше 10 лет назад |
| CVE-2015-4171 strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client be ... | CVSS2: 2.6 | 1% Низкий | больше 10 лет назад |
 | SUSE-SU-2015:1791-1 Security update for strongswan | 1% Низкий | больше 10 лет назад | |
| SUSE-SU-2015:1196-1 Security update for strongswan | 1% Низкий | больше 10 лет назад | |
| GHSA-mg6m-fcfp-8xqm strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. | 1% Низкий | больше 3 лет назад | |
| SUSE-SU-2015:1227-1 Security update for strongswan | больше 11 лет назад |
Уязвимостей на страницу