Vulnerability Details CVE-2023-30570
pluto in Libreswan before 4.11 allows a denial of service (responder SPI mishandling and daemon crash) via unauthenticated IKEv1 Aggressive Mode packets. The earliest affected version is 3.28.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 63.4%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-30570
-
cpe:2.3:a:libreswan:libreswan:3.28
-
cpe:2.3:a:libreswan:libreswan:3.29
-
cpe:2.3:a:libreswan:libreswan:3.31
-
cpe:2.3:a:libreswan:libreswan:3.32
-
cpe:2.3:a:libreswan:libreswan:4.0
-
cpe:2.3:a:libreswan:libreswan:4.1
-
cpe:2.3:a:libreswan:libreswan:4.10
-
cpe:2.3:a:libreswan:libreswan:4.2
-
cpe:2.3:a:libreswan:libreswan:4.3
-
cpe:2.3:a:libreswan:libreswan:4.4
-
cpe:2.3:a:libreswan:libreswan:4.5
-
cpe:2.3:a:libreswan:libreswan:4.6
-
cpe:2.3:a:libreswan:libreswan:4.7
-
cpe:2.3:a:libreswan:libreswan:4.8
-
cpe:2.3:a:libreswan:libreswan:4.9
-
cpe:2.3:a:libreswan:libreswan:4.9-1.el8
-
cpe:2.3:a:libreswan:libreswan:4.9-1.el9