strongMan AES Encryption Vulnerability Leading to Private Credential Recovery
Vulnerability
A vulnerability in strongMan, a management interface for strongSwan VPN, allows for the recovery of encrypted credentials from the database. This issue arises because strongMan used AES encryption in CTR mode with a global database key, leading to the same key stream being applied to all database fields. As a result, an attacker with database access could decrypt private keys and EAP secrets. The vulnerability affects strongMan versions prior to 0.2.0.
Impact
Exploitation of this vulnerability allows for the recovery of encrypted private credentials, including ECDSA private keys and EAP secrets, from the database.
Remediation
Users can upgrade to strongMan version 0.2.0 or later, which addresses the vulnerability by implementing AES-GCM-SIV encryption with a random nonce and individually derived encryption keys for each value. Database migrations are available to re-encrypt all credentials.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.