1 results (0.001 seconds)
CVSS: 9.1EPSS: 1%CPEs: 39EXPL: 0
CVSS: 9.1EPSS: 1%CPEs: 39EXPL: 0CVE-2015-4171 – Debian Security Advisory 3282-1
https://notcve.org/view.php?id=CVE-2015-4171
10 Jun 2015 — strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses. strongSwan 4.3.0 hasta 5.x anterior a 5.3.2 y strongSwan VPN Client anterior a 1.4.6, cuando utiliza claves EAP o precompartidas para la aut... • http://lists.opensuse.org/opensuse-updates/2015-06/msg00040.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •