Skip to main content

Strongswan

28 CVEs product

Monthly

CVE-2026-25075 HIGH POC PATCH This Week

Unauthenticated remote attackers can crash strongSwan versions 4.5.0 through 6.0.4 via integer underflow in the EAP-TTLS AVP parser during IKEv2 authentication by sending malformed AVP packets with invalid length fields. Public exploit code exists for this denial of service vulnerability, which triggers memory corruption in the charon daemon with no available patch. Organizations running affected strongSwan versions are vulnerable to service disruption without authentication or user interaction required.

Denial Of Service Integer Overflow Strongswan
NVD VulDB
CVSS 4.0
8.7
EPSS
0.1%
CVE-2023-41913 CRITICAL Act Now

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Strongswan
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2023-26463 CRITICAL Act Now

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Strongswan
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2022-40617 HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2021-41991 HIGH PATCH This Week

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Strongswan Debian Linux Fedora +22
NVD GitHub
CVSS 3.1
7.5
EPSS
4.8%
CVE-2021-41990 HIGH This Week

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Strongswan Debian Linux Fedora +17
NVD GitHub
CVSS 3.1
7.5
EPSS
6.5%
CVE-2019-10155 LOW PATCH Monitor

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Libreswan Strongswan Openswan +2
NVD
CVSS 3.1
3.1
EPSS
0.5%
CVE-2018-17540 HIGH PATCH This Week

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
3.5%
CVE-2018-16152 HIGH This Week

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2018-16151 HIGH This Week

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2018-10811 HIGH PATCH This Week

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Strongswan Debian Linux Ubuntu Linux Fedora
NVD
CVSS 3.1
7.5
EPSS
7.1%
CVE-2018-5388 MEDIUM This Month

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
4.0%
CVE-2018-6459 MEDIUM This Month

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Strongswan
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2015-3991 CRITICAL Act Now

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Strongswan
NVD
CVSS 3.0
9.8
EPSS
4.5%
CVE-2017-11185 HIGH This Week

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Strongswan
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2017-9023 HIGH This Week

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2017-9022 HIGH This Week

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2015-8023 MEDIUM This Month

The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ubuntu Linux Strongswan
NVD
CVSS 2.0
5.0
EPSS
0.8%
CVE-2015-4171 LOW PATCH Monitor

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Strongswan Vpn Client Ubuntu Linux Debian Linux Strongswan
NVD
CVSS 2.0
2.6
EPSS
1.0%
CVE-2014-9221 MEDIUM This Month

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Strongswan Opensuse Ubuntu Linux +2
NVD
CVSS 2.0
5.0
EPSS
6.9%
CVE-2014-2891 MEDIUM This Month

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Strongswan
NVD
CVSS 2.0
5.0
EPSS
1.6%
CVE-2014-2338 MEDIUM This Month

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Strongswan
NVD VulDB
CVSS 2.0
6.4
EPSS
0.3%
CVE-2013-6076 MEDIUM PATCH This Month

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Strongswan
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-6075 MEDIUM PATCH This Month

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Strongswan
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-5018 MEDIUM POC This Month

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Strongswan Opensuse
NVD
CVSS 2.0
4.3
EPSS
2.9%
CVE-2013-2054 MEDIUM This Month

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Strongswan
NVD
CVSS 2.0
5.1
EPSS
1.8%
CVE-2013-2944 MEDIUM PATCH This Month

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

OpenSSL Authentication Bypass Strongswan
NVD
CVSS 2.0
4.9
EPSS
0.3%
CVE-2012-2388 HIGH This Week

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Strongswan
NVD
CVSS 2.0
7.5
EPSS
0.7%
EPSS 0% CVSS 8.7
HIGH POC PATCH This Week

Unauthenticated remote attackers can crash strongSwan versions 4.5.0 through 6.0.4 via integer underflow in the EAP-TTLS AVP parser during IKEv2 authentication by sending malformed AVP packets with invalid length fields. Public exploit code exists for this denial of service vulnerability, which triggers memory corruption in the charon daemon with no available patch. Organizations running affected strongSwan versions are vulnerable to service disruption without authentication or user interaction required.

Denial Of Service Integer Overflow Strongswan
NVD VulDB
EPSS 2% CVSS 9.8
CRITICAL Act Now

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Strongswan
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Strongswan
NVD GitHub
EPSS 2% CVSS 7.5
HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux +3
NVD
EPSS 5% CVSS 7.5
HIGH PATCH This Week

The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow RCE Strongswan +24
NVD GitHub
EPSS 6% CVSS 7.5
HIGH This Week

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Strongswan +19
NVD GitHub
EPSS 1% CVSS 3.1
LOW PATCH Monitor

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable.

Microsoft Information Disclosure Libreswan +4
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Strongswan Debian Linux +1
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Strongswan +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Strongswan +2
NVD
EPSS 7% CVSS 7.5
HIGH PATCH This Week

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Strongswan Debian Linux +2
NVD
EPSS 4% CVSS 6.5
MEDIUM This Month

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Debian Linux +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Strongswan
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Strongswan
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Strongswan
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Debian Linux +1
NVD
EPSS 1% CVSS 5.0
MEDIUM This Month

The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ubuntu Linux Strongswan
NVD
EPSS 1% CVSS 2.6
LOW PATCH Monitor

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Strongswan Vpn Client Ubuntu Linux +2
NVD
EPSS 7% CVSS 5.0
MEDIUM This Month

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) via a crafted IKEv2 Key Exchange (KE) message with Diffie-Hellman (DH). Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Microsoft Strongswan +4
NVD
EPSS 2% CVSS 5.0
MEDIUM This Month

strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a crafted ID_DER_ASN1_DN ID payload. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Strongswan
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Strongswan
NVD VulDB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via a crafted IKEv1 fragmentation packet. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Strongswan
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a denial of service (out-of-bounds read, NULL pointer dereference, and daemon. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Strongswan
NVD
EPSS 3% CVSS 4.3
MEDIUM POC This Month

The is_asn1 function in strongSwan 4.1.11 through 5.0.4 does not properly validate the return value of the asn1_length function, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service Strongswan +1
NVD
EPSS 2% CVSS 5.1
MEDIUM This Month

Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being used, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE +1
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

OpenSSL Authentication Bypass Strongswan
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The GMP Plugin in strongSwan 4.2.0 through 4.6.3 allows remote attackers to bypass authentication via a (1) empty or (2) zeroed RSA signature, aka "RSA signature verification vulnerability.". Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Strongswan
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy