THREATINT

CVE
PUBLISHED

CVE-2022-4967

Assigner: canonical
Reserved: 2024-04-19
Published: 2024-05-13
Updated: 2024-06-04

Description

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client's certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136).



HIGH: 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Problem types

CWE-297

Product status

5.9.2 before 5.9.6: affected

Credits

Jan Schermer (reporter)

References

https://github.com/strongswan/strongswan/commit/e4b4aabc4996fc61c37deab7858d07bc4d220136 (patch)

https://www.strongswan.org/blog/2024/05/13/strongswan-vulnerability-(cve-2022-4967).html (vendor-advisory)

https://www.cve.org/CVERecord?id=CVE-2022-4967 (issue-tracking)

cve.org CVE-2022-4967

nvd.nist.gov CVE-2022-4967
