CVE-2021-45079

CVE-2021-45079

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

Source: CVE-2021-45079

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다