Home

CVE-2015-4171

Description

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

Risk Information

Base Score
9.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
Exploitation Probability
1.012

Associated Vulnerability

VulnerabilityOS Platform
IPsec VPN solution (USN-2628-1) strongswan-ike_5.1.2-0ubuntu5.3_i386.debLinux
IPsec VPN solution (USN-2628-1) strongswan-ike_5.1.2-0ubuntu5.3_amd64.debLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-debugsource-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-doc-5.1.3-18.1.noarch.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Server 12 ) strongswan-hmac-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-ipsec-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-ipsec-debuginfo-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-libs0-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1196-1(SUSE Linux Enterprise Desktop 12 ) strongswan-libs0-debuginfo-5.1.3-18.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) freetype2-debugsource-2.5.5-7.5.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) ft2demos-2.5.5-7.5.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) libfreetype6-2.5.5-7.5.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) libfreetype6-32bit-2.5.5-7.5.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) libfreetype6-debuginfo-2.5.5-7.5.1.x86_64.rpmLinux
SUSE-SU-2015:1228-1(SUSE Linux Enterprise Desktop 12 ) libfreetype6-debuginfo-32bit-2.5.5-7.5.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234