Authentication Bypass Vulnerability in strongSwan IKEv2

Authentication Bypass Vulnerability in strongSwan IKEv2

CVE-2014-2338 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:P/A:N

IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) initiation or (2) re-authentication, which triggers the IKE_SA state to be set to established.

Learn more about our Web Application Penetration Testing UK.