CVE-2022-4967

Name
CVE-2022-4967
Description
strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the IKE or EAP identity supplied by a client is not enforced to be contained in the client's certificate. So clients can authenticate with any trusted certificate and claim an arbitrary IKE/EAP identity as their own. This is problematic if the identity is used to make policy decisions. A fix was released in strongSwan version 5.9.6 in August 2022 (e4b4aabc4996fc61c37deab7858d07bc4d220136).
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
patch https://github.com/strongswan/strongswan/commit/e4b4aabc4996fc61c37deab7858d07bc4d220136
issue-tracking https://www.cve.org/CVERecord?id=CVE-2022-4967
vendor-advisory https://www.strongswan.org/blog/2024/05/13/strongswan-vulnerability-(cve-2022-4967).html

Match rules

CPE URI Source package Min version Max version
strongswan >= 5.9.2 < 5.9.6

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
strongswan 3.16-main 5.9.5-r2 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable