Lucene search

[email protected]CVE-2021-41990

HistoryOct 18, 2021 - 2:15 p.m.

CVE-2021-41990

2021-10-1814:15:00

CWE-190

[email protected]

web.nvd.nist.gov

146

cve-2021-41990

gmp plugin

strongswan

integer overflow

remote code execution

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.029 Low

EPSS

Percentile

90.7%

JSON

The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example, this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.

CPENameOperatorVersion
strongswan:strongswanstrongswanlt5.9.4
debian:debian_linuxdebian debian linuxeq10.0
debian:debian_linuxdebian debian linuxeq11.0
fedoraproject:fedorafedoraproject fedoraeq33
fedoraproject:fedorafedoraproject fedoraeq34
fedoraproject:fedorafedoraproject fedoraeq35
siemens:6gk6108-4am00-2ba2_firmwaresiemens 6gk6108-4am00-2ba2 firmwareeq-
siemens:6gk6108-4am00-2da2_firmwaresiemens 6gk6108-4am00-2da2 firmwareeq-
siemens:6gk5804-0ap00-2aa2_firmwaresiemens 6gk5804-0ap00-2aa2 firmwareeq-
siemens:6gk5812-1aa00-2aa2_firmwaresiemens 6gk5812-1aa00-2aa2 firmwareeq-

CPE	Name	Operator	Version
strongswan:strongswan	strongswan	lt	5.9.4
debian:debian_linux	debian debian linux	eq	10.0
debian:debian_linux	debian debian linux	eq	11.0
fedoraproject:fedora	fedoraproject fedora	eq	33
fedoraproject:fedora	fedoraproject fedora	eq	34
fedoraproject:fedora	fedoraproject fedora	eq	35
siemens:6gk6108-4am00-2ba2_firmware	siemens 6gk6108-4am00-2ba2 firmware	eq	-
siemens:6gk6108-4am00-2da2_firmware	siemens 6gk6108-4am00-2da2 firmware	eq	-
siemens:6gk5804-0ap00-2aa2_firmware	siemens 6gk5804-0ap00-2aa2 firmware	eq	-
siemens:6gk5812-1aa00-2aa2_firmware	siemens 6gk5812-1aa00-2aa2 firmware	eq	-