Cisco: CISCO-SA-RADIUS-SPOOFING-JULY-2024-87CCDWZ3
Jul 10, 2024 - 4:00 p.m.

RADIUS Protocol Spoofing Vulnerability (Blast-RADIUS): July 2024

2024-07-10 16:00:00
tools.cisco.com
Tags: radius, spoofing, vulnerability, july 2024, cisco, md5 response authenticator

AI Score: 9.3 (Confidence: High)
EPSS: 0 (Percentile: 10.7%)

On July 7, 2024, security researchers disclosed the following vulnerability in the RADIUS protocol:

CVE-2024-3596: RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by an on-path attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against the MD5 Response Authenticator signature.
This vulnerability may impact any RADIUS client and server. For a description of this vulnerability, see VU#456537: RADIUS protocol susceptible to forgery attacks (https://www.kb.cert.org/vuls/id/456537).
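
The check this vulnerability undermines, as an added example that is not part of the Cisco advisory: a client-side validator for the RFC 2865 Response Authenticator, MD5(Code + ID + Length + Request Authenticator + Attributes + Secret). The shared secret, Request Authenticator and packets are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

RESPONSE_CODES = {2: "Access-Accept", 3: "Access-Reject", 11: "Access-Challenge"}

def response_authenticator(packet: bytes, request_auth: bytes, secret: bytes) -> bytes:
    """RFC 2865 section 3: MD5(Code+ID+Length+RequestAuth+Attributes+Secret)."""
    return hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()

def build_response(code, ident, request_auth, attributes, secret):
    """Build a response as a server would; used here only to make sample data."""
    header = struct.pack("!BBH", code, ident, 20 + len(attributes))
    unsigned = header + bytes(16) + attributes
    return header + response_authenticator(unsigned, request_auth, secret) + attributes

def check_response(packet, ident, request_auth, secret):
    """Validate a response against the pending request; returns (ok, detail)."""
    if len(packet) < 20:
        return False, "short packet"
    code, pkt_id, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        return False, "bad length field"
    packet = packet[:length]  # octets beyond the Length field are padding
    if code not in RESPONSE_CODES:
        return False, "not a response code"
    if pkt_id != ident:
        return False, "identifier mismatch"
    expected = response_authenticator(packet, request_auth, secret)
    if not hmac.compare_digest(expected, packet[4:20]):
        return False, "Response Authenticator mismatch"
    return True, RESPONSE_CODES[code]

# Constructed sample values (not taken from the advisory).
SECRET = b"constructed-shared-secret"
REQ_AUTH = bytes(range(16))                 # Request Authenticator of the pending request
REPLY_MSG = bytes([18, 8]) + b"denied"      # Reply-Message attribute (type 18)
REJECT = build_response(3, 7, REQ_AUTH, REPLY_MSG, SECRET)
# A plain in-transit change of Code (3 -> 2) fails the check. The advisory's
# scenario is different: an MD5 chosen-prefix collision lets a modified
# response carry an authenticator that this same check accepts.
TAMPERED = bytes([2]) + REJECT[1:]

if __name__ == "__main__":
    print(check_response(REJECT, 7, REQ_AUTH, SECRET))
    print(check_response(TAMPERED, 7, REQ_AUTH, SECRET))
```

The only integrity protection on a response here is a single MD5 over attacker-visible fields plus the secret, which is why the CVE description applies to every response type.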

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-radius-spoofing-july-2024-87cCDwZ3

Affected configurations

Vulners
Node
cisco cisco_adaptive_security_appliance_\(asa\)_software, match: any
OR
cisco cisco_adaptive_security_appliance_\(asa\)_software, match: any

Vendor: cisco
Product: cisco_adaptive_security_appliance_\(asa\)_software
Version: any
CPE: cpe:2.3:a:cisco:cisco_adaptive_security_appliance_\(asa\)_software:any:*:*:*:*:*:*:*