Security Advisory

CVE-2021-45079

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-31 07:15:52

Last updated 2024-08-04 04:32:13

Assigner mitre

State PUBLISHED

Description

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

← Browse all CVEs View on cve.org ↗