Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2015-4171

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

  • Published: Jun 10, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-4171
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 2.6
  • AV:N/AC:H/Au:N/C:P/I:N/A:N

CWEs:

Software From Fixed in
strongswan / strongswan_vpn_client - 1.4.5.x
debian / debian_linux 8.0 8.0.x
canonical / ubuntu_linux 14.10 14.10.x
canonical / ubuntu_linux 14.04 14.04.x
canonical / ubuntu_linux 15.04 15.04.x
strongswan / strongswan 5.2.3 5.2.3.x
strongswan / strongswan 4.3.7 4.3.7.x
strongswan / strongswan 5.1.2 5.1.2.x
strongswan / strongswan 4.5.3 4.5.3.x
strongswan / strongswan 4.5.2 4.5.2.x
strongswan / strongswan 5.0.1 5.0.1.x
strongswan / strongswan 4.4.0 4.4.0.x
strongswan / strongswan 5.2.2 5.2.2.x
strongswan / strongswan 5.1.0 5.1.0.x
strongswan / strongswan 4.5.1 4.5.1.x
strongswan / strongswan 4.3.5 4.3.5.x
strongswan / strongswan 5.2.0 5.2.0.x
strongswan / strongswan 5.1.3 5.1.3.x
strongswan / strongswan 4.3.2 4.3.2.x
strongswan / strongswan 4.6.4 4.6.4.x
strongswan / strongswan 4.3.3 4.3.3.x
strongswan / strongswan 4.6.2 4.6.2.x
strongswan / strongswan 5.1.1 5.1.1.x
strongswan / strongswan 5.0.3 5.0.3.x
strongswan / strongswan 5.0.4 5.0.4.x
strongswan / strongswan 4.3.0 4.3.0.x
strongswan / strongswan 4.6.1 4.6.1.x
strongswan / strongswan 5.0.2 5.0.2.x
strongswan / strongswan 4.3.6 4.3.6.x
strongswan / strongswan 4.6.0 4.6.0.x
strongswan / strongswan 4.6.3 4.6.3.x
strongswan / strongswan 5.0.0 5.0.0.x
strongswan / strongswan 5.3.0 5.3.0.x
strongswan / strongswan 4.4.1 4.4.1.x
strongswan / strongswan 4.5.0 4.5.0.x
strongswan / strongswan 4.3.1 4.3.1.x
strongswan / strongswan 4.3.4 4.3.4.x
strongswan / strongswan 5.3.1 5.3.1.x
strongswan / strongswan 5.2.1 5.2.1.x