admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2015/8xxx/CVE-2015-8023.json

88 lines
2.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2015-8023",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html",
"refsource" : "CONFIRM",
"url" : "https://www.strongswan.org/blog/2015/11/16/strongswan-vulnerability-(cve-2015-8023).html"
},
{
"name" : "DSA-3398",
"refsource" : "DEBIAN",
"url" : "http://www.debian.org/security/2015/dsa-3398"
},
{
"name" : "openSUSE-SU-2015:2103",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-updates/2015-11/msg00139.html"
},
{
"name" : "SUSE-SU-2015:2183",
"refsource" : "SUSE",
"url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00025.html"
},
{
"name" : "USN-2811-1",
"refsource" : "UBUNTU",
"url" : "http://www.ubuntu.com/usn/USN-2811-1"
},
{
"name" : "84947",
"refsource" : "BID",
"url" : "http://www.securityfocus.com/bid/84947"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink