Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-3596

Опубликовано: 09 июл. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 9

Описание

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

РелизСтатусПримечание
devel

not-affected

3.2.5+dfsg-3
esm-infra/bionic

needed

esm-infra/focal

not-affected

3.0.20+dfsg-3ubuntu0.4
esm-infra/xenial

needed

focal

released

3.0.20+dfsg-3ubuntu0.4
jammy

released

3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3.3
mantic

ignored

end of life, was needed
noble

released

3.2.5+dfsg-3~ubuntu24.04.1
oracular

not-affected

3.2.5+dfsg-3
plucky

not-affected

3.2.5+dfsg-3

Показывать по

РелизСтатусПримечание
devel

released

1.21.3-4ubuntu1
esm-infra-legacy/trusty

released

1.12+dfsg-2ubuntu5.4+esm6
esm-infra/bionic

released

1.16-2ubuntu0.4+esm3
esm-infra/focal

not-affected

1.17-6ubuntu4.8
esm-infra/xenial

released

1.13.2+dfsg-5ubuntu2.2+esm6
focal

released

1.17-6ubuntu4.8
jammy

released

1.19.2-2ubuntu0.5
noble

released

1.20.1-6ubuntu2.3
oracular

released

1.21.3-3ubuntu0.1
plucky

released

1.21.3-4ubuntu1

Показывать по

РелизСтатусПримечание
devel

not-affected

3.0.0-1
esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

noble

needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%
0.0104
Низкий

9 Critical

CVSS3

Связанные уязвимости

redhat логотип

CVE-2024-3596

CVSS3: 9
redhat
12 месяцев назад

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

nvd логотип

CVE-2024-3596

CVSS3: 9
nvd
11 месяцев назад

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

msrc логотип

CVE-2024-3596

CVSS3: 7.5
msrc
12 месяцев назад

CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability

debian логотип

CVE-2024-3596

CVSS3: 9
debian
11 месяцев назад

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a ...

suse-cvrf логотип

SUSE-SU-2024:2367-1

suse-cvrf
11 месяцев назад

Security update for freeradius-server

EPSS

Процентиль: 76%
0.0104
Низкий

9 Critical

CVSS3