CVE-2015-4171: Sensitive Information Exposure in strongSwan

Severity: 2.6 LOW (NVD)
EPSS: 1.0% (top 22.84%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jun 10
Latest update: May 17

Description

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

CVSS vector

AV:N/AC:H/C:P/I:N/A:N
Exploitability: 4.9 | Impact: 2.9

Affected Packages (4 packages)

debian: debian/strongswan < strongswan 5.3.1-1 (bookworm)
Debian: strongswan/strongswan < 5.3.1-1 (+3)
NVD: strongswan/strongswan, 34 versions (+33)

Also affects: Debian Linux 8.0, Ubuntu Linux 14.04, 14.10, 15.04

Vulnerability Details (2)

GHSA: GHSA-mg6m-fcfp-8xqm: strongSwan 4 (2022-05-17)
OSV: CVE-2015-4171: strongSwan 4 (2015-06-10)

Vendor Advisories (3)

Red Hat: strongswan: rogue servers are able to gain user credentials from a client in certain IKEv2 setups (2015-06-08)
Ubuntu: strongSwan vulnerability (2015-06-08)
Debian: CVE-2015-4171: strongswan - strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6... (2015)

Community (3)

Bugzilla: CVE-2015-4171 strongswan: rogue servers are able to gain user credentials from a client in certain IKEv2 setups [fedora-all] (2015-06-12)
Bugzilla: CVE-2015-4171 strongswan: rogue servers are able to gain user credentials from a client in certain IKEv2 setups (2015-06-12)
Bugzilla: CVE-2015-4171 strongswan: rogue servers are able to gain user credentials from a client in certain IKEv2 setups [epel-all] (2015-06-12)