Security Advisory

CVE-2025-11955

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-27 11:30:24

Last updated 2025-10-27 13:19:15

Assigner INCIBE

State PUBLISHED

Description

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.

← Browse all CVEs View on cve.org ↗