CVE-2012-4566Radsecproxy vulnerability

4 documents4 sources
Severity
6.4MEDIUMNVD
EPSS
0.2%
top 61.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
RadsecproxyDebian RadsecproxyUninett Radsecproxy
Timeline
PublishedNov 20
Latest updateMay 17

Description

The DTLS support in radsecproxy before 1.6.2 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients, a different vulnerability than CVE-2012-4523.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages3 packages

debiandebian/radsecproxy< radsecproxy 1.6.2-1 (bookworm)
Debianradsecproxy/radsecproxy< 1.6.2-1+3
NVDuninett/radsecproxy1.6.1+11

🔴Vulnerability Details

2
GHSA
GHSA-3qgg-3fwc-j9gv: The DTLS support in radsecproxy before 12022-05-17
OSV
CVE-2012-4566: The DTLS support in radsecproxy before 12012-11-20

📋Vendor Advisories

1
Debian
CVE-2012-4566: radsecproxy - The DTLS support in radsecproxy before 1.6.2 does not properly verify certificat...2012
CVE-2012-4566 — Debian Radsecproxy vulnerability | cvebase