5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.834 High
EPSS
Percentile
98.4%
The pluto IKE daemon in Openswan and Strongswan IPsec 2.6 before 2.6.21 and
2.4 before 2.4.14, and Strongswan 4.2 before 4.2.14 and 2.8 before 2.8.9,
allows remote attackers to cause a denial of service (daemon crash and
restart) via a crafted (1) R_U_THERE or (2) R_U_THERE_ACK Dead Peer
Detection (DPD) IPsec IKE Notification message that triggers a NULL pointer
dereference related to inconsistent ISAKMP state and the lack of a phase2
state association in DPD.