CVSS3: 7.5 High

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | HIGH |

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.002 Low (Percentile: 55.1%)

strongSwan before 5.9.8 allows remote attackers to cause a denial of
service in the revocation plugin by sending a crafted end-entity (and
intermediate CA) certificate that contains a CRL/OCSP URL that points to a
server (under the attacker’s control) that doesn’t properly respond but
(for example) just does nothing after the initial TCP handshake, or sends
an excessive amount of application data.

OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | strongswan | < 5.6.2-1ubuntu2.9 | UNKNOWN |
ubuntu | 20.04 | noarch | strongswan | < 5.8.2-1ubuntu3.5 | UNKNOWN |
ubuntu | 22.04 | noarch | strongswan | < 5.9.5-2ubuntu2.1 | UNKNOWN |
ubuntu | 22.10 | noarch | strongswan | < 5.9.6-1ubuntu2 | UNKNOWN |
ubuntu | 23.04 | noarch | strongswan | < 5.9.6-1ubuntu2 | UNKNOWN |
ubuntu | 23.10 | noarch | strongswan | < 5.9.6-1ubuntu2 | UNKNOWN |
ubuntu | 24.04 | noarch | strongswan | < 5.9.6-1ubuntu2 | UNKNOWN |
ubuntu | 14.04 | noarch | strongswan | < 5.1.2-0ubuntu2.11+esm3 | UNKNOWN |
ubuntu | 16.04 | noarch | strongswan | < 5.3.5-1ubuntu3.8+esm3 | UNKNOWN |