📦

strongswan_vpn_client

Vendor: strongswan

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 0 Remote Access
Total CVEs 3 Total Indexed
Avg. EPSS 1.01% Exploit Prob.
Latest CVE CVE-2015-4171 Jun 10

Security Vulnerability Index

Page 1 / 1
2.6 CVSS
CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

EPSS: 1.01%