CVE-2017-9148
CRITICAL
FreeRADIUS 2.1.1-2.1.7, 3.0.x < 3.0.14, 3.1.x/4.0.x < 2017-02-04 - TLS Session Cache Bypass
Title source: llmDescription
The TLS session cache in FreeRADIUS 2.1.1 through 2.1.7, 3.0.x before 3.0.14, 3.1.x before 2017-02-04, and 4.0.x before 2017-02-04 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.
References (6)
Core References
- http://freeradius.org/security.html (Not Applicable; x_refsource_misc)
- http://seclists.org/oss-sec/2017/q2/422 (Mailing List, VDB Entry; x_refsource_misc)
- https://access.redhat.com/errata/RHSA-2017:1581 (Vendor Advisory; vendor-advisory; x_refsource_redhat)
- http://www.securitytracker.com/id/1038576 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_sectrack)
- http://www.securityfocus.com/bid/98734 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid)
- https://security.gentoo.org/glsa/201706-27 (Third Party Advisory; vendor-advisory; x_refsource_gentoo)
Scores
CVSS v3: 9.8
EPSS: 0.0391
EPSS Percentile: 89.0%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-287
Status: published
Products (21)
- freeradius/freeradius 2.1.1
- freeradius/freeradius 2.1.2
- freeradius/freeradius 2.1.3
- freeradius/freeradius 2.1.4
- freeradius/freeradius 2.1.6
- freeradius/freeradius 2.1.7
- freeradius/freeradius 3.0.0
- freeradius/freeradius 3.0.1
- freeradius/freeradius 3.0.2
- freeradius/freeradius 3.0.3
- ... and 11 more
Published: May 29, 2017
Tracked Since: Feb 18, 2026