RADIUS: Blast RADIUS Security Advisory (CVE-2024-3596)
Issue
CVE-2024-3596 - A vulnerability in the RADIUS (Remote Authentication Dial-In User Service) protocol allows attackers to forge authentication responses when the Message-Authenticator attribute is not enforced
Solution
Riverbed is currently assessing the exposure of the vulnerability across our products, this vulnerability is related to a fundamental security flaw in the RADIUS protocol so a short term mitigation is to not use RADIUS for authentication and consider an alternative authentication protocol such as TACACS or SAML 2.0.
Product |
Vulnerability Assessment |
| AppResponse11 | Currently Assessing |
| Portal | Currently Assessing |
| NetProfiler | Currently Assessing |
| Flow Gateway | Currently Assessing |
| NetIM 2.X | Currently Assessing |
| SteelFusion Edge | Currently Assessing |
| SteelFusionCore (appliance, virtual) | Currently Assessing |
| SteelHead CX (appliance, virtual, cloud) | Currently Assessing |
| SteelHead Interceptor | Currently Assessing |
| SteelCentral Controller for SteelHead | Currently Assessing |
| Client Accelerator Controller | Currently Assessing |
| WinSec Controller for SteelHead (WSC) | Currently Assessing |
NOTE: To receive real-time updates on this article, please click the Subscribe icon in the upper left corner of this article. You must be logged into the support site to subscribe. Updates will be emailed to you as they are published. For additional information on how to subscribe, see S22384.
Related Bugs
Attachments
Related Files
NOTICE: Riverbed® product names have changed. Please refer to the Product List for a complete list of product names.
Can't find an answer? Create a case