Lucene search

K
osvGoogleOSV:UBUNTU-CVE-2024-3596
HistoryJul 09, 2024 - 12:00 p.m.

UBUNTU-CVE-2024-3596

2024-07-0912:00:00
Google
osv.dev
7
ubuntu
cve-2024-3596
radius protocol
rfc 2865
forgery attacks
local attacker
chosen-prefix collision attack
md5 response authenticator signature
software

AI Score

6.8

Confidence

Low

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.