Vulnerability Report

CVE-2023-2295

RCE

Title: Denial of Service in libreswan IKEv1

Proof Of Concept

No public PoC currently indexed for CVE-2023-2295.

CWE Category CWE-400

Published Date May 17, 2023

Modified Date Jan 22, 2025

Exploit Status Not Found

Score 7.5 CVSS v3.1

Exploit Probability (EPSS)

4.42%

Vulnerability Summary

CVE-2023-2295: A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.

Impacted Vendors

libreswan 1

Reference Links

https://access.redhat.com/errata/RHSA-2023:3107 https://access.redhat.com/errata/RHSA-2023:3148 https://access.redhat.com/security/cve/CVE-2023-2295 https://bugzilla.redhat.com/show_bug.cgi?id=2189777 https://access.redhat.com/errata/RHSA-2023:3107 https://access.redhat.com/errata/RHSA-2023:3148 https://access.redhat.com/security/cve/CVE-2023-2295 https://bugzilla.redhat.com/show_bug.cgi?id=2189777

CVSS v3.1

Source Entity [email protected]

Severity HIGH

7.5

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v3.1

Source Entity 134c704f-9b21-4f2e-91b3-4a467353bcc0

Severity HIGH

7.5

Attack Vector

NETWORK

Complexity

LOW

Privileges

N/A

Interaction

NONE

Confidentiality

N/A

Integrity

N/A

Availability

N/A

Scope

UNCHANGED

RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2023-2295 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

January 22, 2025 MODIFIED

Vulnerability data or affected products updated.

May 17, 2023 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK

Complexity LOW

Privileges N/A

Interaction NONE

CVSS Vector String


                                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Stack

No specific products linked.