Vulnerabilities

CVE-2021-45079

by Fred · 31/01/2022

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

Date published : 2022-01-31

https://www.strongswan.org/blog/2022/01/24/strongswan-vulnerability-%28cve-2021-45079%29.html

Related

Tags: Cybersecurity Alert