CVE-2013-2944

strongSwan <5.0.3 - Auth Bypass

Title source: llm

Description

strongSwan 4.3.5 through 5.0.3, when using the OpenSSL plugin for ECDSA signature verification, allows remote attackers to authenticate as other users via an invalid signature.

References (7)

Scores

EPSS 0.0032
EPSS Percentile 54.6%

Classification

CWE
CWE-287
Status draft

Affected Products (17)

strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
strongswan/strongswan
... and 2 more

Timeline

Published May 02, 2013
Tracked Since Feb 18, 2026