vulnerability
CentOS Linux: CVE-2022-41859: Moderate: freeradius security and bug fix update (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | 2023-01-17 | 2023-05-15 | 2025-01-28 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:C/I:N/A:N)
Published
2023-01-17
Added
2023-05-15
Modified
2025-01-28
Description
In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.
Solution(s)
centos-upgrade-freeradiuscentos-upgrade-freeradius-debuginfocentos-upgrade-freeradius-debugsourcecentos-upgrade-freeradius-develcentos-upgrade-freeradius-doccentos-upgrade-freeradius-krb5centos-upgrade-freeradius-krb5-debuginfocentos-upgrade-freeradius-ldapcentos-upgrade-freeradius-ldap-debuginfocentos-upgrade-freeradius-mysqlcentos-upgrade-freeradius-mysql-debuginfocentos-upgrade-freeradius-perlcentos-upgrade-freeradius-perl-debuginfocentos-upgrade-freeradius-postgresqlcentos-upgrade-freeradius-postgresql-debuginfocentos-upgrade-freeradius-restcentos-upgrade-freeradius-rest-debuginfocentos-upgrade-freeradius-sqlitecentos-upgrade-freeradius-sqlite-debuginfocentos-upgrade-freeradius-unixodbccentos-upgrade-freeradius-unixodbc-debuginfocentos-upgrade-freeradius-utilscentos-upgrade-freeradius-utils-debuginfocentos-upgrade-python3-freeradiuscentos-upgrade-python3-freeradius-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.