The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack.Referenceshttps://web-in-security.blogspot.com/2018/08/practical-bleichenbacher-attacks-on-ipsec-ike.htmlhttps://www.clavister.com/advisories/security/clav-sa-0157-bleichenbacher-oracle-vulnerability-in-ikev1
