This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

strongSwan Vulnerability (CVE-2023-26463)

Has this been addressed in 19.0 MR2 or 19.5 MR1? Didn't find it in the Release Notes regarding IPsec.



This thread was automatically locked due to age.

Top Replies

Parents Reply Children
  • Our version is 5.6.3.

    The below CVE mentions affected version as 5.9, so we are not affected by this.

     

    strongSwan Vulnerability (CVE-2023-26463)

    Mar 02, 2023

    A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.