87 matches found
libradcli10-1.5.0-1.1 on GA media (moderate)
Announcement ID: openSUSE-SU-2026:10528-1; Rating: moderate; Cross-References: CVE-2024-3596; CVSS scores: CVE-2024-3596 (SUSE): 7.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N; Affected Products: openSUSE Tumbleweed. An update that solves one vulnerability can now be...
MiracleLinux 8 : freeradius:3.0 (AXSA:2024-8637:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8637:01 advisory. freeradius: forgery attack (CVE-2024-3596). Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 8 : krb5-1.18.2-30.el8_10 (AXSA:2024-8967:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8967:06 advisory. freeradius: forgery attack (CVE-2024-3596). Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
MiracleLinux 7 : krb5-1.15.1-55.0.2.el7.AXS7 (AXSA:2025-9717:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9717:01 advisory. improve your network's security by eliminating the insecure practice of cleartext passwords. Security fixes: - CVE-2024-3596: implement support for...
Photon OS 5.0: Krb5 PHSA-2025-5.0-0545
An update of the krb5 package has been released. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0545. The text itself is copyright (C) VMware, Inc.
TencentOS Server 2: krb5 (TSSA-2024:0862)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0862 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: krb5 (TSSA-2024:0803)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0803 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: freeradius (TSSA-2024:0492)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0492 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CLSA-2025-1748001506 krb5: Fix of CVE-2024-3596
CVE-2024-3596: implement support for Message-Authenticator in libkrad...
Alibaba Cloud Linux 3 : 0159: freeradius:3.0 (ALINUX3-SA-2024:0159)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0159 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3596: RADIUS Protocol under RFC 2865 is...
Alibaba Cloud Linux 3 : 0239: krb5 (ALINUX3-SA-2024:0239)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0239 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-3596: RADIUS Protocol under RFC 2865 is...
Siemens SIPROTEC and SICAM
Summary: This advisory documents the impact of CVE-2024-3596, also dubbed "Blastradius", a vulnerability in the RADIUS protocol, to SIPROTEC, SICAM and related products. The vulnerability could allow on-path attackers, located between a Network Access Server (the RADIUS client, e.g., a SICAM device...
Security Bulletin: Multiple Vulnerabilities in IBM Cloud Pak for Network Automation
Summary: Multiple vulnerabilities were addressed in IBM Cloud Pak for Network Automation 2.7.8. Vulnerability Details: CVEID: CVE-2024-24790. DESCRIPTION: An unspecified error related to various Is methods (IsPrivate, IsLoopback, etc.) did not work as expected for IPv4-mapped IPv6 addresses in the...
Advisory ROSA-SA-2025-2806
Software: krb5 1.18.2 OS: ROSA Virtualization 3.0 packageevrstring: krb5-1.18.2-31.0.1.rv30 CVE-ID: CVE-2024-37370 BDU-ID: 2024-07016 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the implementation of the Kerberos network authentication protocol is associated with a change to the public Extra Cou...
CLSA-2025-1743103421 freeradius: Fix of CVE-2024-3596
CVE-2024-3596: fix chosen-prefix collision attack against MD5 Response Authenticator signature that allowed malicious modification of valid RADIUS responses...
RockyLinux 9 : krb5 (RLSA-2024:9474)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:9474 advisory. freeradius: forgery attack (CVE-2024-3596). Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note that Nessus ha...
Fortinet Fortigate RADIUS Protocol CVE-2024-3596 (FG-IR-24-255)
The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-255 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...
Fortinet FortiWeb RADIUS Protocol CVE-2024-3596 (FG-IR-24-255)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-24-255 advisory. - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response...
CLSA-2025-1740132301 krb5: Fix of CVE-2024-3596
CVE-2024-3596: Generate and verify message MACs in libkrad for vulnerability in RADIUS protocol which allows attackers to forge authentication responses...
CLSA-2025-1740132172 krb5: Fix of CVE-2024-3596
CVE-2024-3596: Generate and verify message MACs in libkrad for vulnerability in RADIUS protocol which allows attackers to forge authentication responses...