Skip to main content

Strongswan Vpn Client

1 CVEs product

Monthly

CVE-2015-4171 LOW PATCH Monitor

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Strongswan Vpn Client Ubuntu Linux Debian Linux Strongswan
NVD
CVSS 2.0
2.6
EPSS
1.0%
EPSS 1% CVSS 2.6
LOW PATCH Monitor

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Strongswan Vpn Client Ubuntu Linux +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy