CVE-2018-16758

Missing message authentication in the meta-protocol in Tinc VPN version 1.0.34 and earlier allows a man-in-the-middle attack to disable the encryption of VPN packets.
Configurations

Configuration 1

cpe:2.3:a:tinc-vpn:tinc:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12533:*:*:*:vsphere:*:*
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build12658:*:*:*:vsphere:*:*

Information

Published : 2018-10-10 09:29

Updated : 2022-10-25 04:51


NVD link : CVE-2018-16758

Mitre link : CVE-2018-16758

Products Affected
No products.
CWE