tinc before 1.0.30 has a broken authentication protocol, without even a partial mitigation.
References
Link | Resource |
---|---|
http://tinc-vpn.org/security/ | Vendor Advisory |
http://www.tinc-vpn.org/git/browse?p=tinc%3Ba=commit%3Bh=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a | |
https://www.starwindsoftware.com/security/sw-20190227-0001/ | Third Party Advisory |
Configurations
History
07 Nov 2023, 02:53
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
25 Oct 2022, 16:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Starwindsoftware starwind Virtual San
Starwindsoftware |
|
CPE | cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:* cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:* |
|
References | (MISC) https://www.starwindsoftware.com/security/sw-20190227-0001/ - Third Party Advisory |
11 Oct 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | (CONFIRM) http://www.tinc-vpn.org/git/browse?p=tinc;a=commit;h=d3297fbd3b8c8c8a4661f5bbf89aca5cacba8b5a - Mitigation, Mailing List, Vendor Advisory |
Information
Published : 2018-10-10 21:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-16737
Mitre link : CVE-2018-16737
CVE.ORG link : CVE-2018-16737
JSON object : View
Products Affected
starwindsoftware
- starwind_virtual_san
tinc-vpn
- tinc
CWE
CWE-287
Improper Authentication