9.2 High
AI Score
Confidence
High
5.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
65.4%
Intoto iGateway VPN and iGateway SSL-VPN allow context-dependent attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) âpublic exponentâ or (2) âpublic modulusâ values in X.509 certificates that require extra time to process when using RSA signature verification, a related issue to CVE-2006-2940.
CPE | Name | Operator | Version |
---|---|---|---|
intoto:igateway_ssl-vpn | intoto igateway ssl-vpn | eq | * |
intoto:igateway_vpn | intoto igateway vpn | eq | * |