Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-2338HistoryApr 16, 2014 - 6:37 p.m.
CVE-2014-2338
2014-04-1618:37:14
Debian Security Bug Tracker
security-tracker.debian.org
12
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.017
Percentile
87.8%
IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | strongswan | <Β 5.1.2-4 | strongswan_5.1.2-4_all.deb |
| Debian | 11 | all | strongswan | <Β 5.1.2-4 | strongswan_5.1.2-4_all.deb |
| Debian | 999 | all | strongswan | <Β 5.1.2-4 | strongswan_5.1.2-4_all.deb |
| Debian | 13 | all | strongswan | <Β 5.1.2-4 | strongswan_5.1.2-4_all.deb |
Related
openvas
openvas
Debian Security Advisory DSA 2903-1 (strongswan - security update)
2014-04-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0529-1)
2021-06-09 00:00:00
SUSE: Security Advisory for strongswan (SUSE-SU-2014:0529-1)
2015-10-13 00:00:00
freebsd
freebsd
strongswan -- Remote Authentication Bypass
2014-03-12 00:00:00
suse
suse
Security update for strongswan (important)
2014-04-15 21:04:16
prion
prion
Authentication flaw
2014-04-16 18:37:00
seebug
seebug
strongSwan IKEv2 SAιͺθ―η»θΏζΌζ΄
2014-04-18 00:00:00
cve
cve
CVE-2014-2338
2014-04-16 18:37:14
securityvulns
securityvulns
[SECURITY] [DSA 2903-1] strongswan security update
2014-05-04 00:00:00
Openswan / Strongswan security vulnerabilities
2014-05-07 00:00:00
nessus
nessus
SuSE 11.3 Security Update : strongswan (SAT Patch Number 9089)
2014-04-16 00:00:00
FreeBSD : strongswan -- Remote Authentication Bypass (6fb521b0-d388-11e3-a790-000c2980a9f3)
2014-05-05 00:00:00
Fedora 20 : strongswan-5.1.3-1.fc20 (2014-5231)
2014-04-25 00:00:00
cvelist
cvelist
CVE-2014-2338
2014-04-16 18:00:00
debian
debian
[SECURITY] [DSA 2903-1] strongswan security update
2014-04-14 15:01:29
ubuntucve
ubuntucve
CVE-2014-2338
2014-04-16 00:00:00
osv
osv
strongswan - security update
2014-04-14 00:00:00
strongswan-5.3.5-1.1 on GA media
2024-06-15 00:00:00
nvd
nvd
CVE-2014-2338
2014-04-16 18:37:14
gentoo
gentoo
strongSwan: Multiple Vulnerabilities
2014-12-13 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: strongswan-5.1.3-1.fc20
2014-04-24 07:35:30
[SECURITY] Fedora 19 Update: strongswan-5.1.3-1.fc19
2014-04-24 07:41:29
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
EPSS
0.017
Percentile
87.8%
Related for DEBIANCVE:CVE-2014-2338