Lucene search
K

142 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.124 views

KB5040456: Windows Server 2012 R2 Security Update (July 2024)

The remote Windows host is missing security update 5040456. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9.8CVSS9.1AI score0.84345EPSS
Exploits7References68
Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.226 views

KB5040437: Windows Server 2022 / Azure Stack HCI 22H2 Security Update (July 2024)

The remote Windows host is missing security update 5040437. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9.8CVSS8AI score0.84345EPSS
Exploits7References83
CERT
CERT
added 2024/07/09 12:0 a.m.61 views

RADIUS protocol susceptible to forgery attacks.

Overview A vulnerability in the RADIUS protocol allows an attacker allows an attacker to forge an authentication response in cases where a Message-Authenticator attribute is not required or enforced. This vulnerability results from a cryptographically insecure integrity check when validating...

9CVSS8.2AI score0.14859EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.143 views

KB5040430: Windows 10 version 1809 / Windows Server 2019 Security Update (July 2024)

The remote Windows host is missing security update 5040430. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9.8CVSS8AI score0.84345EPSS
Exploits7References80
Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.84 views

KB5040431: Windows 11 version 21H2 Security Update (July 2024)

The remote Windows host is missing security update 5040431. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9CVSS9.1AI score0.84345EPSS
Exploits2References73
Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.78 views

KB5040442: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (July 2024)

The remote Windows host is missing security update 5040442. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9CVSS9.1AI score0.84345EPSS
Exploits2References75
Tenable Nessus
Tenable Nessus
added 2024/07/09 12:0 a.m.105 views

KB5040427: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (July 2024)

The remote Windows host is missing security update 5040427. It is, therefore, affected by multiple vulnerabilities - RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any othe...

9CVSS9.1AI score0.84345EPSS
Exploits2References71
OSV
OSV
added 2023/10/25 6:17 p.m.5 views

CVE-2023-39930

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius PCV when a MSCHAP authentication request is sent via a maliciously crafted RADIUS client request...

9.8CVSS5.8AI score0.00692EPSS
Exploits0References2
NCSC
NCSC
added 2023/09/07 12:0 a.m.6 views

Vulnerability fixed in Cisco Identity Services Engine

Cisco has fixed a vulnerability in Identity Services Engine. An unauthenticated malicious person could exploit the vulnerability to cause a denial-of-service. The vulnerability is located in the way RADIUS is processed. Sending specially prepared RADIUS packets can cause the system stop processin...

8.6CVSS7AI score0.00758EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:23 a.m.1 views

SUSE CVE-2022-41861

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...

7.5CVSS6.6AI score0.01103EPSS
Exploits0References9
Fedora
Fedora
added 2022/12/16 1:43 a.m.44 views

[SECURITY] Fedora 36 Update: freeradius-3.0.26-1.fc36

The FreeRADIUS Server Project is a high performance and highly configurable GPL'd free RADIUS server. The server is similar in some respects to Livingston's 2.0 server. While FreeRADIUS started as a variant of the Cistron RADIUS server, they don't share a lot in common any more. It now has many...

7.5CVSS7.3AI score0.01171EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/12/16 12:0 a.m.25 views

Fedora: Security Advisory for freeradius (FEDORA-2022-98832b2cc2)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.2AI score0.01171EPSS
Exploits0References2
OSV
OSV
added 2022/12/14 12:0 a.m.3 views

UBUNTU-CVE-2022-41861

A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash...

6.5CVSS5.8AI score0.01103EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2022/11/25 12:0 a.m.3 views

PT-2022-6503 · Wind River · Vxworks

Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through 7 Description: The issue allows a specifically crafted packet sent by a Radius server to cause Denial of Service during the IP Radius access procedure. This is related to the execution of a loop with an...

7.8CVSS7.4AI score0.01028EPSS
Exploits0References9
OSV
OSV
added 2022/11/09 10:15 p.m.4 views

CVE-2022-41097

Network Policy Server NPS RADIUS Protocol Information Disclosure Vulnerability...

6.5CVSS5.8AI score0.0146EPSS
Exploits0References1
OSV
OSV
added 2022/11/09 10:15 p.m.4 views

CVE-2022-41056

Network Policy Server NPS RADIUS Protocol Denial of Service Vulnerability...

7.5CVSS7.3AI score0.0193EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/11/09 10:15 p.m.3 views

CVE-2022-41097

Network Policy Server NPS RADIUS Protocol Information Disclosure Vulnerability...

6.5CVSS5.8AI score0.0146EPSS
Exploits0References3Affected Software26
ATTACKERKB
ATTACKERKB
added 2022/11/09 10:15 p.m.10 views

CVE-2022-41056

Network Policy Server NPS RADIUS Protocol Denial of Service Vulnerability...

7.5CVSS7.2AI score0.0193EPSS
Exploits0References3Affected Software26
Cvelist
Cvelist
added 2022/11/09 12:0 a.m.47 views

CVE-2022-41097 Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability

...

6.5CVSS7.6AI score0.0146EPSS
Exploits0References1
Kaspersky
Kaspersky
added 2022/11/08 12:0 a.m.254 views

KLA20047 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...

8.8CVSS9.8AI score0.24623EPSS
Exploits1References74
Rows per page
Query Builder