3 matches found
CVE-2021-32642
radsecproxy is affected by CVE-2021-32642 due to missing input validation in the internal dyndisc scripts naptr-eduroam.sh and radsec-dynsrv.sh, which can allow configuration injection via crafted radsec peer discovery DNS records. Reported impacts include information disclosure, DoS, and the red...
CVE-2012-4523
radsecproxy is vulnerable to CVE-2012-4523: in 1.6.1 and earlier, restrictions can be bypassed during certificate verification when configuration blocks include CA settings unrelated to the block used for verification, enabling potential client spoofing. Root cause: improper certificate-chain verification across ...
CVE-2012-4566
The CVE-2012-4566 issue affects radsecproxy DTLS, where DTLS certificate verification can fail when multiple CA blocks exist and are unrelated to the verification chain, potentially allowing remote attackers to bypass access restrictions and spoof clients. Affected versions are radsecproxy before...