CISCO-SA-RADIUS-SPOOFING-JULY-2024-87CCDWZ3
PUBLISHED
CVSS 8.1 HIGH
On July 7, 2024, security researchers disclosed the following vulnerability in the RADIUS protocol: CVE-2024-3596: The RADIUS protocol under RFC 2865 is susceptible to forgery attacks by an on-path attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against the MD5 Response Authenticator signature. This vulnerability may impact any RADIUS client and server. For a description of this vulnerability, see VU#456537: RADIUS protocol susceptible to forgery attacks (https://www.kb.cert.org/vuls/id/456537).
Risk Scores
CVSS v3.1
8.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance (ASA) Software | |
Timeline
- Jul 10, 2024 CVE Published
- Sep 3, 2024 CVE Updated
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-radius-spoofing-july-2024-87cCDwZ3 advisory
- https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html url
- https://www.kb.cert.org/vuls/id/456537 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk87884 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk71992 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk69454 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk71817 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk67902 url
- https://documentation.meraki.com/General_Administration/Privacy_and_Security/RADIUS_Protocol_Spoofing_Vulnerability_(Blast-RADIUS)%3A_July_2024 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk67747 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70832 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70833 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk67859 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk73619 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70834 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70836 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70850 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70840 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk79727 url
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwk70831 url
…and 21 more