9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.6 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.061 Low
EPSS
Percentile
93.4%
software: strongswan 5.9.10
OS: ROSA-CHROME
package_evr_string: strongswan-5.9.10-1.src.rpm
CVE-ID: CVE-2021-41990
BDU-ID: 2022-04051
CVE-Crit: HIGH
CVE-DESC.: The gmp plugin in StrongSwan prior to version 5.9.4 has a remote integer overflow via a generated RSASSA-PSS signed certificate. For example, this could be caused by an unlinked self-authenticating CA certificate sent by the initiator. Remote code execution is not possible.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update strongswan
CVE-ID: CVE-2021-41991
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: The in-memory certificate cache in StrongSwan before version 5.9.4 has a remote integer overflow when receiving multiple requests with different certificates to fill the cache and then replace the cache entries. The code tries to select a less frequently used cache entry using a random number generator, but this is not done correctly. Remote code execution may be a small probability.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update strongswan
CVE-ID: CVE-2021-45079
BDU-ID: None
CVE-Crit: CRITICAL.
CVE-DESC.: In StrongSwan before 5.9.5, an attacker can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without authenticating the server.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update strongswan
CVE-ID: CVE-2022-40617
BDU-ID: None
CVE-Crit: HIGH
CVE-DESC.: StrongSwan to version 5.9.8 allows remote attackers to cause a denial of service in a revocation plugin by sending a crafted endpoint (and intermediate CA) certificate that contains a CRL/OCSP URL pointing to a server (under the attacker’s control) that does not respond properly, but (for example) simply does nothing after the initial TCP validation or sends too much application data.
CVE-STATUS: Fixed
CVE-REV: To close, run command: sudo dnf update strongswan
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ROSA | any | noarch | strongswan | < 5.9.10 | UNKNOWN |
9.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
9.6 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:N/A:P
0.061 Low
EPSS
Percentile
93.4%