Strongswan » Strongswan » 4.2.2 : Security Vulnerabilities, CVEs, (Gain Privilege) CVSS score >= 1
The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability."
Max CVSS
7.5
EPSS Score
1.80%
Published
2012-06-27
Updated
2017-08-29
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
Max CVSS
6.4
EPSS Score
1.71%
Published
2014-04-16
Updated
2016-11-28
2 vulnerabilities found