6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
12.3%
A vulnerability in libreswan software is related to a null pointer dereferencing error in the
IKEv1 fast mode packets. Exploitation of the vulnerability could allow an attacker,
remotely send specially crafted packets to the system and perform a denial-of-service attack.
denial-of-service attack.
The libreswan software vulnerability is related to a reachability assertion in the processing of
IKEv2 REKEY packets. Exploitation of the vulnerability could allow an attacker acting remotely,
to send specially crafted packets to the system and perform a denial of service attack.
A vulnerability in the libreswan software is related to insufficient validation of user input when processing IKEv1 IKEv1 packets.
when processing IKEv1 ISAKMP SA packets. Exploitation of the vulnerability could allow an attacker,
remotely send specially crafted input data to the system and perform a denial of service attack.
"denial-of-service attack.
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
0.0004 Low
EPSS
Percentile
12.3%