CVE-2021-45079 vulnerability in Strongswan and Other Products
Published on January 31, 2022

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

NVD

Products Associated with CVE-2021-45079

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-45079 are published in these products:

Strongswan

Debian Linux

Fedora Project Extra Packages Enterprise Linux

Fedora Project Fedora Extra Packages Enterprise Linux

Fedora Project Fedora

Canonical Ubuntu Linux

Exploit Probability

EPSS

0.13%

Percentile

32.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-45079 vulnerability in Strongswan and Other ProductsPublished on January 31, 2022

Products Associated with CVE-2021-45079

Exploit Probability

CVE-2021-45079 vulnerability in Strongswan and Other Products
Published on January 31, 2022