Authentication Bypass in strongSwan IKEv2 Implementation
CVE-2014-2338

Currently unrated

Key Information:

Vendor

Strongswan

Status
Strongswan
Vendor
CVE Published:
16 April 2014

What is CVE-2014-2338?

The IKEv2 implementation in strongSwan prior to version 5.1.3 allows remote attackers to exploit a flaw through the rekeying process of an IKE_SA. This can occur during both initiation and re-authentication phases, leading to an established IKE_SA state without proper authentication checks. As a result, this vulnerability can enable unauthorized access to secure VPN communications, posing significant risks to network integrity and data confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://lists.opensuse.org/opensuse-updates/2014-05/msg000...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2014...
vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-updates/2014-05/msg000...
vendor-advisoryx_refsource_SUSE

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.