CVE-2021-45079

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-45079

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-45079.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-45079

Related

Published

2022-01-31T08:15:07Z

Modified

2024-12-05T15:19:35.343290Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.

References

Affected packages

Alpine:v3.13 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r2

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

Alpine:v3.14 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r3

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

Alpine:v3.15 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.16 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.17 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.18 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.19 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.20 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Alpine:v3.21 / strongswan

Package

Name: strongswan
Purl: pkg:apk/alpine/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-r4

Affected versions

4.*

4.5.2-r0

4.6.1-r0

5.*

5.1.1-r0

5.1.1-r1

5.1.1-r2

5.1.1-r3

5.1.3-r0

5.2.0-r0

5.2.0-r1

5.2.0-r2

5.2.2-r0

5.3.0-r0

5.3.0-r1

5.3.0-r2

5.3.1-r0

5.3.1-r1

5.3.1-r2

5.3.2-r0

5.3.2-r1

5.3.2-r2

5.3.2-r3

5.3.2-r4

5.3.2-r5

5.3.2-r6

5.3.2-r7

5.3.2-r8

5.3.2-r9

5.3.2-r10

5.3.3-r0

5.3.4-r0

5.3.5-r0

5.3.5-r1

5.3.5-r2

5.4.0-r0

5.4.0-r1

5.5.0-r0

5.5.0-r1

5.5.1-r0

5.5.1-r1

5.5.2-r0

5.5.2-r1

5.5.3-r0

5.5.3-r1

5.6.0-r0

5.6.0-r1

5.6.1-r0

5.6.2-r0

5.6.2-r1

5.6.3-r0

5.6.3-r1

5.6.3-r2

5.7.0-r0

5.7.1-r0

5.7.1-r1

5.7.1-r2

5.7.2-r0

5.7.2-r1

5.8.0-r0

5.8.0-r1

5.8.1-r0

5.8.1-r1

5.8.2-r0

5.8.3-r0

5.8.4-r0

5.8.4-r1

5.8.4-r2

5.9.0-r0

5.9.0-r1

5.9.1-r0

5.9.1-r1

5.9.1-r2

5.9.1-r3

Debian:11 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.1-1+deb11u2

Affected versions

5.*

5.9.1-1

5.9.1-1+deb11u1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / strongswan

Package

Name: strongswan
Purl: pkg:deb/debian/strongswan?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.5-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/strongswan/strongswan

Affected ranges

Type: GIT
Repo: https://github.com/strongswan/strongswan
Events: Introduced

5fc278edf3795ce7eb2ff11195797f481ede0d77

Fixed

57d6e96943ae583367ae47e08edf1c43013f1bdc

Affected versions

4.*

4.1.10

4.1.11

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.1.7

4.1.8

4.1.9

4.2.0

4.2.1

4.2.10

4.2.11

4.2.12

4.2.13

4.2.14

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.5rc1

4.3.6

4.4.0

4.4.1

4.5.0

4.5.1

4.5.2

4.5.3

4.6.0

4.6.1

4.6.2

4.6.3

5.*

5.0.0

5.0.1

5.0.2

5.0.2dr4

5.0.2rc1

5.0.3

5.0.3dr1

5.0.3dr2

5.0.3dr3

5.0.3rc1

5.0.4

5.1.0

5.1.0dr1

5.1.0dr2

5.1.0rc1

5.1.1

5.1.1dr1

5.1.1dr2

5.1.1dr3

5.1.1dr4

5.1.1rc1

5.1.2

5.1.2.dr2

5.1.2dr1

5.1.2dr3

5.1.2rc1

5.1.2rc2

5.1.3

5.1.3dr1

5.1.3rc1

5.2.0

5.2.0dr1

5.2.0dr2

5.2.0dr3

5.2.0dr4

5.2.0dr5

5.2.0dr6

5.2.0rc1

5.2.1

5.2.1dr1

5.2.1rc1

5.2.2

5.2.2dr1

5.2.2rc1

5.3.0

5.3.0dr1

5.3.0rc1

5.3.1

5.3.1dr1

5.3.1rc1

5.3.2

5.3.3

5.3.3dr1

5.3.3dr3

5.3.3dr4

5.3.3dr5

5.3.3dr6

5.3.3rc2

5.3.4

5.3.4dr1

5.3.4dr2

5.3.4dr3

5.3.4rc1

5.3.5

5.4.0

5.4.0dr1

5.4.0dr2

5.4.0dr3

5.4.0dr4

5.4.0dr5

5.4.0dr6

5.4.0dr7

5.4.0dr8

5.4.0rc1

5.4.1dr1

5.4.1dr2

5.4.1dr3

5.4.1dr4

5.5.0

5.5.0dr1

5.5.0rc1

5.5.1

5.5.1dr1

5.5.1dr2

5.5.1dr3

5.5.1dr4

5.5.1dr5

5.5.1rc1

5.5.1rc2

5.5.2

5.5.2dr1

5.5.2dr2

5.5.2dr3

5.5.2dr4

5.5.2dr5

5.5.2dr6

5.5.2dr7

5.5.2rc1

5.5.3

5.5.3dr1

5.5.3dr2

5.6.0

5.6.0dr1

5.6.0dr2

5.6.0dr3

5.6.0dr4

5.6.0rc1

5.6.0rc2

5.6.1

5.6.1dr1

5.6.1dr2

5.6.1dr3

5.6.1rc1

5.6.2

5.6.2dr1

5.6.2dr2

5.6.2dr3

5.6.2dr4

5.6.2rc1

5.6.3

5.6.3dr1

5.6.3dr2

5.6.3rc1

5.7.0

5.7.0dr1

5.7.0dr2

5.7.0dr3

5.7.0dr4

5.7.0dr5

5.7.0dr6

5.7.0dr8

5.7.0rc1

5.7.0rc2

5.7.1

5.7.2

5.7.2dr1

5.7.2dr2

5.7.2dr3

5.7.2dr4

5.7.2rc1

5.8.0

5.8.0dr2

5.8.0rc1

5.8.1

5.8.1dr1

5.8.1rc2

5.8.2

5.8.2dr1

5.8.2dr2

5.8.2rc1

5.8.2rc2

5.8.3

5.8.3rc1

5.8.4

5.9.0

5.9.0dr1

5.9.0dr2

5.9.0rc1

5.9.1

5.9.1dr1

5.9.1rc1

5.9.2

5.9.2dr1

5.9.2dr2

5.9.2rc1

5.9.2rc2

5.9.3

5.9.3dr1

5.9.3dr2

5.9.3dr3

5.9.3dr4

5.9.3rc1

5.9.4

5.9.4dr1

5.9.4dr2

5.9.4dr3

5.9.4rc1

5.9.5dr1

5.9.5dr2

5.9.5dr3

5.9.5dr4

5.9.5rc1

android-2.*

android-2.3.3

android-2.3.3-1