Published: 31/01/2022 Updated: 12/07/2022
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Vulnerability Summary

In strongSwan prior to 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

strongswan strongswan

debian debian linux 9.0

debian debian linux 10.0

debian debian linux 11.0

fedoraproject fedora 34

fedoraproject extra packages for enterprise linux 8.0

fedoraproject fedora 35

fedoraproject extra packages for enterprise linux 9.0

fedoraproject extra packages for enterprise linux 7.0

canonical ubuntu linux 18.04

canonical ubuntu linux 14.04

canonical ubuntu linux 20.04

canonical ubuntu linux 16.04

canonical ubuntu linux 21.10

Vendor Advisories

Zhuowei Zhang discovered a bug in the EAP authentication client code of strongSwan, an IKE/IPsec suite, that may allow to bypass the client and in some scenarios even the server authentication, or could lead to a denial-of-service attack When using EAP authentication (RFC 3748), the successful completion of the authentication is indicated by an EA ...