EUVD-2018-8558

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Missing message authentication in Tinc VPN allows man-in-the-middle attack disabling encryption.

Reporter	Title	Published	Views	Family All 28
AlpineLinux	CVE-2018-16758	10 Oct 201800:00	–	alpinelinux
CNVD	Unspecified Vulnerability in Tinc VPN	12 Oct 201800:00	–	cnvd
CVE	CVE-2018-16758	10 Oct 201800:00	–	cve
Cvelist	CVE-2018-16758	10 Oct 201800:00	–	cvelist
Debian	[SECURITY] [DSA 4312-1] tinc security update	8 Oct 201817:13	–	debian
Debian	[SECURITY] [DSA 4312-1] tinc security update	8 Oct 201817:13	–	debian
Debian CVE	CVE-2018-16758	10 Oct 201800:00	–	debiancve
Tenable Nessus	Debian DSA-4312-1 : tinc - security update	9 Oct 201800:00	–	nessus
Tenable Nessus	Fedora 28 : tinc (2018-31c2a0b2ea)	3 Jan 201900:00	–	nessus
Tenable Nessus	Fedora 29 : tinc (2018-afae5e8438)	3 Jan 201900:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "783371e3-9e0a-36d4-b897-8f0ad2f70e58",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "d266e98a-9e00-3f1b-9c0d-55542970aa62",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
suse	www.suse.com/security/cve/CVE-2018-16758.html
debian	www.debian.org/security/2018/dsa-4312
tinc-vpn	www.tinc-vpn.org/security/
tinc-vpn	www.tinc-vpn.org/git/browse
starwindsoftware	www.starwindsoftware.com/security/sw-20190227-0003/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.9

CVSS 24.3

EPSS0.0011