High-severity vulnerability in IPsec
NISCC said three attacks that apply to certain configurations of IPsec have been identified. "These configurations use Encapsulating Security Payload [ESP] in tunnel mode with confidentiality only, or with integrity protection being provided by a higher layer protocol," the advisory said, adding that certain configurations using the Authentication Header [AH] are also vulnerable.
The link for this article located at SearchSecurity is no longer available.