Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2015-8023 |
CWE-ID | CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
strongSwan Server applications / Encryption software |
Vendor | strongswan.org |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU32362
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2015-8023
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to manipulate data.
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message.
MitigationInstall update from vendor's website.
Vulnerable software versionsstrongSwan: 5.3.0 - 5.3.3
External linkshttp://lists.opensuse.org/opensuse-security-announce/2015-12/msg00025.html
http://lists.opensuse.org/opensuse-updates/2015-11/msg00139.html
http://www.debian.org/security/2015/dsa-3398
http://www.securityfocus.com/bid/84947
http://www.ubuntu.com/usn/USN-2811-1
http://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.