Tobiasbrunner

Vulnerabilities · 1 · CVSS total 8.7
PT-2026-20491 · CVSS 8.7 · 2026-02-18 · strongMan · CVE-2026-25998
**Name of the Vulnerable Software and Affected Versions**

strongMan versions prior to 0.2.0

**Description**

strongMan, a web management interface for strongSwan, encrypted the credentials stored in its database insecurely. It used AES in CTR mode with a single global database key and the same initialization vector (IV) for every database field. Because CTR mode turns AES into a stream cipher, reusing the key and IV means every field is XORed with the same keystream. An attacker with read access to the database can therefore XOR a ciphertext with its known plaintext to recover the keystream and use it to decrypt any other field of up to the same length. Certificates are public by design, so their ciphertexts reveal a large portion of the keystream, which is enough to decrypt the other stored secrets: ECDSA private keys and EAP secrets.

The advisory does not identify a specific API endpoint; the affected data are the encrypted database fields holding credentials (private keys, EAP secrets).

**Recommendations**

Upgrade to strongMan version 0.2.0 or later, then run the provided database migrations so that every stored credential is re-encrypted. Upgrading the code alone leaves existing rows encrypted under the old scheme, so the migration step is required, and any credential that may already have been exposed through the database should be rotated.
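The following is an added example, not code from strongMan or from this advisory. It reproduces the weakness described above with a stand-in key, a fixed all-zero IV and constructed (not real) certificate and private-key text, and then shows the same attack failing against the per-record random IV that a corrected scheme uses. `dbKey`, `fixedIV`, the sample data and all function names are assumptions made for this demonstration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// dbKey stands in for the "global database key" (constructed for this example, AES-256).
var dbKey = []byte("0123456789abcdef0123456789abcdef")

// fixedIV models the "consistent IV for all database fields" of the vulnerable scheme.
var fixedIV = make([]byte, aes.BlockSize)

// Constructed sample records; the certificate is public, the key is the target.
var sampleCert = []byte("-----BEGIN CERTIFICATE-----\n" +
	"constructed sample certificate body, public by design, not real DER\n" +
	"-----END CERTIFICATE-----\n")
var sampleKey = []byte("-----BEGIN EC PRIVATE KEY-----\n" +
	"constructed sample, not a real key\n" +
	"-----END EC PRIVATE KEY-----\n")

// ctrXOR runs AES-CTR with the given IV; CTR is symmetric, so it both encrypts and decrypts.
func ctrXOR(key, iv, data []byte) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// encryptFixedIV models the pre-0.2.0 behaviour: every field shares key and IV.
func encryptFixedIV(plaintext []byte) []byte {
	return ctrXOR(dbKey, fixedIV, plaintext)
}

// encryptRandomIV models a corrected scheme: a fresh random IV is generated per
// record and stored in front of the ciphertext.
func encryptRandomIV(plaintext []byte) []byte {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		panic(err)
	}
	return append(iv, ctrXOR(dbKey, iv, plaintext)...)
}

// decryptRandomIV reads the stored IV back and decrypts the rest.
func decryptRandomIV(ct []byte) []byte {
	return ctrXOR(dbKey, ct[:aes.BlockSize], ct[aes.BlockSize:])
}

// recoverKeystream is the attacker step: keystream = known plaintext XOR its ciphertext.
func recoverKeystream(knownPlain, knownCipher []byte) []byte {
	n := len(knownPlain)
	if len(knownCipher) < n {
		n = len(knownCipher)
	}
	ks := make([]byte, n)
	for i := 0; i < n; i++ {
		ks[i] = knownPlain[i] ^ knownCipher[i]
	}
	return ks
}

// decryptWithKeystream decrypts as many bytes of target as the recovered keystream covers.
func decryptWithKeystream(ks, target []byte) []byte {
	n := len(ks)
	if len(target) < n {
		n = len(target)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = ks[i] ^ target[i]
	}
	return out
}

// AttackFixedIV plays the attacker against the vulnerable scheme and returns what it
// learns about the private key using only the public certificate as known plaintext.
func AttackFixedIV(cert, privKey []byte) []byte {
	ks := recoverKeystream(cert, encryptFixedIV(cert))
	return decryptWithKeystream(ks, encryptFixedIV(privKey))
}

// AttackRandomIV runs the identical attack against the per-record IV scheme.
func AttackRandomIV(cert, privKey []byte) []byte {
	ks := recoverKeystream(cert, encryptRandomIV(cert)[aes.BlockSize:])
	return decryptWithKeystream(ks, encryptRandomIV(privKey)[aes.BlockSize:])
}

func main() {
	got := AttackFixedIV(sampleCert, sampleKey)
	fmt.Printf("fixed IV: attacker recovers private key: %v\n", bytes.Equal(got, sampleKey))
	got = AttackRandomIV(sampleCert, sampleKey)
	fmt.Printf("random IV: attacker recovers private key: %v\n", bytes.Equal(got, sampleKey))
}
```

The attack recovers exactly `len(cert)` keystream bytes, so any secret field no longer than the longest public field in the same table is fully exposed; shorter certificates still leak a prefix of every other field. Note that a per-record random IV only restores confidentiality; it does not add integrity, so a production fix would pair it with an authenticated mode such as AES-GCM.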