Home

CVE-2019-13456

Description

In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. This leaks information that an attacker can use to recover the password of any user. This information leakage is similar to the Dragonblood attack and CVE-2019-9494.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.299

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-debugsource-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-doc-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-krb5-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-krb5-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-ldap-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-ldap-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-libs-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-libs-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-mysql-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-mysql-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-perl-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-perl-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-postgresql-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-postgresql-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-python-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-python-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-sqlite-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-sqlite-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-utils-3.0.15-2.14.1.x86_64.rpmLinux
SUSE-SU-2020:1018-1(SUSE Linux Enterprise Server 12-SP4 ) freeradius-server-utils-debuginfo-3.0.15-2.14.1.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-devel-3.0.13-15.el7.i686.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-devel-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-doc-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-krb5-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-ldap-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-mysql-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-perl-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-postgresql-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-python-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-sqlite-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-unixODBC-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984) freeradius security and bug fix update freeradius-utils-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-devel-3.0.13-15.el7.i686.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-devel-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-doc-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-krb5-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-ldap-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-mysql-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-perl-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-postgresql-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-python-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-sqlite-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-unixODBC-3.0.13-15.el7.x86_64.rpmLinux
(CESA-2020:3984) freeradius security and bug fix update freeradius-utils-3.0.13-15.el7.x86_64.rpmLinux
(RHSA-2020:3984)Moderate: security and bug fix update freeradius-debuginfo-3.0.13-15.el7.i686.rpmLinux
(RHSA-2020:3984)Moderate: security and bug fix update freeradius-debuginfo-3.0.13-15.el7.x86_64.rpmLinux
Freeradius update (ELSA-2020-3984) freeradius-3.0.13-15.el7.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234