6.7 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.4%
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC.
www.securityfocus.com/archive/1/249142
exchange.xforce.ibmcloud.com/vulnerabilities/7868