CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
Low
EPSS
Percentile
84.3%
libreswan 3.9 through 3.12 allows remote attackers to cause a denial of service (daemon restart) via an IKEv1 packet with (1) unassigned bits set in the IPSEC DOI value or (2) the next payload value set to ISAKMP_NEXT_SAK.
Vendor | Product | Version | CPE |
---|---|---|---|
libreswan | libreswan | 3.9 | cpe:2.3:a:libreswan:libreswan:3.9:*:*:*:*:*:*:* |
libreswan | libreswan | 3.10 | cpe:2.3:a:libreswan:libreswan:3.10:*:*:*:*:*:*:* |
libreswan | libreswan | 3.11 | cpe:2.3:a:libreswan:libreswan:3.11:*:*:*:*:*:*:* |
libreswan | libreswan | 3.12 | cpe:2.3:a:libreswan:libreswan:3.12:*:*:*:*:*:*:* |