CVE-2024-3596

RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.

Description

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.

References

Link	Tags
https://datatracker.ietf.org/doc/html/rfc2865	technical description
https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/	technical description
https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf	third party advisory
https://www.blastradius.fail/	technical description
http://www.openwall.com/lists/oss-security/2024/07/09/4	mailing list
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014	third party advisory
https://security.netapp.com/advisory/ntap-20240822-0001/	third party advisory
https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol	third party advisory

Frequently Asked Questions

What is the severity of CVE-2024-3596?: CVE-2024-3596 has been scored as a critical severity vulnerability.
How to fix CVE-2024-3596?: To fix CVE-2024-3596, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2024-3596 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2024-3596 is being actively exploited. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-3596?: CVE-2024-3596 affects IETF RFC.

Description

Categories

CWE-354 – Improper Validation of Integrity Check Value

CWE-200 – Exposure of Sensitive Information to an Unauthorized Actor

References

Frequently Asked Questions