cvedb.io
CVE-2015-4171
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-06-10T18:59:09.097 · Last modified 2026-06-17T00:26:51.637

Summary

strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authenticating an IKEv2 connection, does not enforce server authentication restrictions until the entire authentication process is complete, which allows remote servers to obtain credentials by using a valid certificate and then reading the responses.

Affected products

strongswan — strongswan_vpn_client

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.