vulnerability

security-advisory-0101

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:H/Au:N/C:C/I:C/A:C)	Jul 9, 2024	Sep 4, 2024	Jan 14, 2026

Severity

CVSS

(AV:N/AC:H/Au:N/C:C/I:C/A:C)

Published

Jul 9, 2024

Added

Sep 4, 2024

Modified

Jan 14, 2026

Description

Arista Networks is providing this security update in response to the following publicly disclosed security vulnerability related to the RADIUS protocol. This vulnerability is a result of a design flaw in the RADIUS protocol. It allows a skilled attacker who can read and modify RADIUS packets in the network to forge responses from the RADIUS server to the client. In this way the attacker can cause any user to be authenticated and can give almost any authorization to any user. RADIUS over TLS (RadSec) resolves this vulnerability.

Solution

radsec-solution-cve-2024-3596

References

CVE-2024-3596
https://attackerkb.com/topics/CVE-2024-3596
URL-https://www.arista.com//en/support/advisories-notices/security-advisory/19905-security-advisory-0101

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today