diff --git a/docs/advisories/20240730002-Cisco-Critical-RADIUS-Protocol-Vulnerability.md b/docs/advisories/20240730002-Cisco-Critical-RADIUS-Protocol-Vulnerability.md index c623d3df..001fee5a 100644 --- a/docs/advisories/20240730002-Cisco-Critical-RADIUS-Protocol-Vulnerability.md +++ b/docs/advisories/20240730002-Cisco-Critical-RADIUS-Protocol-Vulnerability.md @@ -7,50 +7,49 @@ The vulnerability stems from a flaw in the MD5 Response Authenticator signature ## What is vulnerable? -| Product(s) Affected | Version(s) | CVE | CVSS | Severity | -| ----------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | ------------- | ------------------ | -**Endpoint Clients and Client Software** | | [CVE-2024-3596](https://nvd.nist.gov/vuln/detail/CVE-2024-3596) | N/A | N/A | -| Duo Authentication Proxy | CSCwk87884 -**Network and Content Security Devices** -| Adaptive Security Appliance (ASA) | CSCwk71992 -| Firepower Device Manager (FDM) | CSCwk69454 -| Firepower Management Center (FMC) Software | CSCwk71817 -| Firepower Threat Defense (FTD) Software | CSCwk67902 -| Identity Services Engine (ISE) | CSCwk67747 -| Secure Email Gateway | CSCwk70832 -| Secure Email and Web Manager | CSCwk70833 -| Secure Firewall | CSCwk67859 -| Secure Network Analytics | CSCwk73619 -| Secure Web Appliance | CSCwk70834 -**Network Management and Provisioning** -| Application Policy Infrastructure Controller (APIC) | CSCwk70836 -| Crosswork Change Automation | CSCwk70850 -| Nexus Dashboard, formerly Application Services Engine | CSCwk70840 -| Prime Infrastructure | CSCwk79727 -**Routing and Switching - Enterprise and Service Provider** -| ASR 5000 Series Routers | CSCwk70831 -| Catalyst Center | CSCwk70845 -| Catalyst SD-WAN Controller, formerly SD-WAN vSmart | CSCwk70854 -| Catalyst SD-WAN Manager, formerly SD-WAN vManage | CSCwk70854 -| Catalyst SD-WAN Validator, formerly SD-WAN vBond | CSCwk70854 -| GGSN Gateway GPRS Support Node | CSCwk70831 -| IOS Software | CSCwk78278 -| IOS XE Software | CSCwk70852 -| IOS XR Software | CSCwk70236 -| IOx Fog Director | CSCwk70851 -| MDS 9000 Series Multilayer Switches | CSCwk70837 -| Nexus 3000 Series Switches | CSCwk70839 -| Nexus 7000 Series Switches | CSCwk70838 -| Nexus 9000 Series Switches in standalone NX-OS mode | CSCwk70839 -| PGW Packet Data Network Gateway | CSCwk70831 -| SD-WAN vEdge Routers | CSCwk70854 -| System Architecture Evolution (SAE) Gateway | CSCwk70831 -| Ultra Packet Core | CSCwk70831 -**Unified Computing** -| Enterprise NFV Infrastructure Software (NFVIS) | CSCwk79647 -| UCS Central Software | CSCwk71967 -| UCS Manager | CSCwk70842 - +| Product(s) Affected | Version(s) | CVE | CVSS | Severity | +| ----------------------------------------------------------- | ---------- | --------------------------------------------------------------- | ---- | -------- | +| **Endpoint Clients and Client Software** | | [CVE-2024-3596](https://nvd.nist.gov/vuln/detail/CVE-2024-3596) | N/A | N/A | +| Duo Authentication Proxy | CSCwk87884 | | | | +| **Network and Content Security Devices** | | | | | +| Adaptive Security Appliance (ASA) | CSCwk71992 | | | | +| Firepower Device Manager (FDM) | CSCwk69454 | | | | +| Firepower Management Center (FMC) Software | CSCwk71817 | | | | +| Firepower Threat Defense (FTD) Software | CSCwk67902 | | | | +| Identity Services Engine (ISE) | CSCwk67747 | | | | +| Secure Email Gateway | CSCwk70832 | | | | +| Secure Email and Web Manager | CSCwk70833 | | | | +| Secure Firewall | CSCwk67859 | | | | +| Secure Network Analytics | CSCwk73619 | | | | +| Secure Web Appliance | CSCwk70834 | | | | +| **Network Management and Provisioning** | | | | | +| Application Policy Infrastructure Controller (APIC) | CSCwk70836 | | | | +| Crosswork Change Automation | CSCwk70850 | | | | +| Nexus Dashboard, formerly Application Services Engine | CSCwk70840 | | | | +| Prime Infrastructure | CSCwk79727 | | | | +| **Routing and Switching - Enterprise and Service Provider** | | | | | +| ASR 5000 Series Routers | CSCwk70831 | | | | +| Catalyst Center | CSCwk70845 | | | | +| Catalyst SD-WAN Controller, formerly SD-WAN vSmart | CSCwk70854 | | | | +| Catalyst SD-WAN Manager, formerly SD-WAN vManage | CSCwk70854 | | | | +| Catalyst SD-WAN Validator, formerly SD-WAN vBond | CSCwk70854 | | | | +| GGSN Gateway GPRS Support Node | CSCwk70831 | | | | +| IOS Software | CSCwk78278 | | | | +| IOS XE Software | CSCwk70852 | | | | +| IOS XR Software | CSCwk70236 | | | | +| IOx Fog Director | CSCwk70851 | | | | +| MDS 9000 Series Multilayer Switches | CSCwk70837 | | | | +| Nexus 3000 Series Switches | CSCwk70839 | | | | +| Nexus 7000 Series Switches | CSCwk70838 | | | | +| Nexus 9000 Series Switches in standalone NX-OS mode | CSCwk70839 | | | | +| PGW Packet Data Network Gateway | CSCwk70831 | | | | +| SD-WAN vEdge Routers | CSCwk70854 | | | | +| System Architecture Evolution (SAE) Gateway | CSCwk70831 | | | | +| Ultra Packet Core | CSCwk70831 | | | | +| **Unified Computing** | | | | | +| Enterprise NFV Infrastructure Software (NFVIS) | CSCwk79647 | | | | +| UCS Central Software | CSCwk71967 | | | | +| UCS Manager | CSCwk70842 | | | | ## What has been observed?