CVE-2013-2944

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:strongswan:strongswan:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.5.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.2:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.3:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:4.6.4:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:strongswan:strongswan:5.0.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-05-02 14:55

Updated : 2018-08-13 21:47


NVD link : CVE-2013-2944

Mitre link : CVE-2013-2944


JSON object : View

Products Affected

strongswan

  • strongswan
CWE
CWE-287

Improper Authentication