6.5
CVE-2024-2357
- EPSS 0.57%
- Published 11.03.2024 20:15:07
- Last modified 15.04.2026 00:35:42
- Source d42dc95b-23f1-4e06-9076-20753a
IKEv2 misconfiguration can cause libreswan to abort and restart
The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use PreSharedKeys (authby=secret) and the connection cannot find a matching configured secret. When such a connection is automatically added on startup using the auto= keyword, it can cause repeated crashes leading to a Denial of Service.
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: The Libreswan Project (www.libreswan.org)
Product: libreswan
Default Status: unaffected

| Version | Version <= | Status |
|---|---|---|
| 3.0 | 4.1 | unaffected |
| 4.2 | 4.12 | affected |
| 5.0 | | unaffected |
VulnDex Vulnerability Enrichment
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.679 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 6.5 | 2.8 | 3.6 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |