CESA-2019:1131 -- centos 7 freeradiusID: oval:org.secpod.oval:def:205203 | Date: (C)2019-05-20 (M)2023-06-16 |
Class: PATCH | Family: unix |
FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: * freeradius: eap-pwd: authentication bypass via an invalid curve attack * freeradius: eap-pwd: fake authentication using reflection For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.