• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

CVE-2024-3596 / Radius client msg authenticator attribute

Scheduled Pinned Locked Moved General pfSense Questions
cve-2024-3596securityvulnerabilityradius
2 Posts 2 Posters 370 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • H
    helge000
    last edited by Jul 10, 2024, 11:55 AM

    Hello,

    as far as I can gather the mitigation for CVE-2024-3596 needs to be done on the radius client site; in my case pfSense.

    I did turn on the requirement in Windows NPS:
    569f5f73-766a-4457-af6d-e877b0707f7e-image.png
    Everything still seems to work well so far.

    Can someone tell me whether or not the attribute should be in all of pfSense's Radius-requests by default? (I did not find any setting)
    Thanks,

    1 Reply Last reply Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by Jul 10, 2024, 4:18 PM

      If you have set that I would expect no issue since the server would reject any unauthenticated requests.

      1 Reply Last reply Reply Quote 1
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received