HPE Aruba Networking Product Security Advisory
==============================================

Advisory ID: HPESBNW04662
CVE: CVE-2024-3596
Publication Date: 2024-Jul-09
Last Updated: 2024-Aug-30
Status: Investigating
Severity: Critical
Revision: 3

Title
=====
RADIUS Protocol Susceptible to Forgery Attacks

Overview
========
A vulnerability in the RADIUS protocol may allow attackers to access sensitive network resources without authentication.

Affected Products
=================
HPE Aruba Networking

- EdgeConnect SD-WAN Gateway
  - All supported software releases (as of the publication date of this Security Advisory)
  - Please see the workaround section for mitigation advice

- EdgeConnect SD-WAN Orchestrator
  - All supported software releases (as of the publication date of this Security Advisory)
  - Please see the workaround section for mitigation advice

- Switches running AOS-CX
  - All supported software releases (as of the publication date of this Security Advisory)
  - Please see the workaround section for mitigation advice

- WLAN Gateways and SD-WAN Gateways running ArubaOS 10
  - 10.6.0.2 and below
  - 10.4.1.3 and below

- Mobility Controllers running ArubaOS 8
  - 8.12.0.1 and below
  - 8.10.0.13 and below

- Access Points running InstantOS 8 and ArubaOS 10
  - All supported software releases (as of the publication date of this Security Advisory)
  - Please see the workaround section for mitigation advice

- Airwave Management Platform
  - 8.3.0.2 and below

- ClearPass Policy Manager
  - 6.12.1 and below
  - 6.11.8 and below

- Aruba Fabric Composer
  - 7.1.0 and below

Product versions that are end of life are affected by this vulnerability unless otherwise indicated. This advisory will be updated as further information becomes available.

Unaffected Products
===================
All other HPE Aruba Networking products that are not listed above are not affected by this vulnerability.
Details
=======

RADIUS protocol susceptible to forgery attacks (CVE-2024-3596)
--------------------------------------------------------------

A forgery attack has been discovered against the Response Authenticator in RADIUS/UDP, specifically targeting RFC 2865. This attack allows a man-in-the-middle to forge a valid Access-Accept response to a client request that was initially rejected by the RADIUS server, thereby granting unauthorized network access.

The vulnerability exploits a chosen-prefix collision attack on MD5, manipulating the first byte and packet attributes of Access-Reject messages to match the Response Authenticator of a forged Access-Accept message. The attack requires appending a minimal amount of collision block gibberish to the Access-Request, which is then encapsulated in Proxy-State attributes and processed by the server, ensuring the computed Response Authenticator matches for both the legitimate Access-Reject and the forged Access-Accept.

The attacker must have man-in-the-middle access between the RADIUS client and server and the ability to trigger an Access-Request. By predicting the Access-Reject response and computing an MD5 chosen-prefix collision (within 5 to 6 minutes, potentially faster with more resources), the attacker can modify the client request, remove any Message-Authenticator attributes if PAP authentication is used, and forge an Access-Accept response by copying the Response Authenticator from the Access-Reject response. This modified response, when sent to the client, grants the attacker unauthorized access to resources authenticated/authorized via RADIUS.

Internal References: ATLWL-473, ATLCP-274, ATLAX-81, ATLAW-201, ATLSP-112, ATLSP-113
Severity: Critical
CVSSv3.x Overall Score: 9.0
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Discovery: This vulnerability was discovered and reported by Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl.
Resolution
==========
This vulnerability is fixed in the following HPE Aruba Networking products' software releases:

- AirWave Management Platform
  - 8.3.0.3 and above

- ClearPass Policy Manager
  - 6.12.2 and above
  - 6.11.9 and above (estimated to be available: Jul 24, 2024)
  - In addition, the following steps need to be taken to enable the RADIUS Message-Authenticator on ClearPass:
    1. Navigate to Administration > Server Manager > Server Configuration screen and select each server individually to enable Message-Authenticator support.
    2. On the server screen, navigate to the "Service Parameters" tab and select the "Radius server" service.
    3. Under the Security header, modify the parameters:
       Require Message-Authenticator from NAD = yes
       Require Message-Authenticator from Proxy Server = yes
    4. Save the changes. This will then restart the service with the requirement that the Message-Authenticator be transmitted, or the request will not be processed.

- Switches running AOS-CX
  - 10.14.1010 and above (estimated to be available: mid-September 2024)
  - 10.13.1040 and above (estimated to be available: early August 2024)
  - 10.10.1140 and above (estimated to be available: mid-September 2024)

- WLAN Gateways and SD-WAN Gateways running ArubaOS 10
  - 10.6.0.3 and above (estimated to be available: Aug 1, 2024)
  - 10.4.1.4 and above (estimated to be available: July 22, 2024)

- Mobility Controllers running ArubaOS 8
  - 8.12.0.2 and above (estimated to be available: July 24, 2024)
  - 8.10.0.14 and above (estimated to be available: mid-September 2024)

- Aruba Fabric Composer
  - 7.1.1 and above (estimated available early November 2024)

Software updates for this vulnerability fix in the other affected products are forthcoming. This advisory will be updated as details on the respective product's software versions with this vulnerability fix become available.
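The two checks the Details and Resolution sections turn on, as an added illustration that is not HPE Aruba Networking's or ClearPass's code: the RFC 2865 Response Authenticator (an unkeyed MD5 that the collision attack forges) and the RFC 2869 Message-Authenticator (an HMAC-MD5 keyed with the shared secret) that "Require Message-Authenticator from NAD = yes" enforces. The shared secret, request authenticator and attribute values are constructed sample data.

```python
import hashlib
import hmac
import struct

MSG_AUTH = 80  # Message-Authenticator attribute type (RFC 2869)

def build_packet(code, ident, authenticator, attrs):
    """Serialize Code(1) | Identifier(1) | Length(2) | Authenticator(16) | Attributes."""
    body = b"".join(struct.pack("BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", code, ident, 20 + len(body)) + authenticator + body

def parse_attrs(pkt):
    """Yield (type, value, offset_of_value) for each attribute TLV after the header."""
    i = 20
    while i + 2 <= len(pkt):
        t, length = pkt[i], pkt[i + 1]
        if length < 2 or i + length > len(pkt):
            raise ValueError("malformed attribute")
        yield t, pkt[i + 2:i + length], i + 2
        i += length

def response_authenticator(resp, request_auth, secret):
    # RFC 2865: MD5(Code+ID+Length+RequestAuth+Attributes+Secret). Unkeyed MD5 is
    # exactly what the chosen-prefix collision in CVE-2024-3596 targets.
    return hashlib.md5(resp[:4] + request_auth + resp[20:] + secret).digest()

def sign_request(code, ident, authenticator, attrs, secret):
    # Message-Authenticator = HMAC-MD5(secret, packet with the attribute value zeroed).
    # It is appended last, so the MAC occupies the final 16 bytes of the packet.
    pkt = build_packet(code, ident, authenticator, attrs + [(MSG_AUTH, bytes(16))])
    return pkt[:-16] + hmac.new(secret, pkt, "md5").digest()

def verify_request(pkt, secret, require_message_authenticator=True):
    """Server-side check mirroring 'Require Message-Authenticator from NAD = yes'."""
    if len(pkt) < 20 or struct.unpack("!H", pkt[2:4])[0] != len(pkt):
        return False, "bad length"
    macs = [(v, off) for t, v, off in parse_attrs(pkt) if t == MSG_AUTH]
    if not macs:  # a MITM that strips the attribute is refused when it is required
        return not require_message_authenticator, "no Message-Authenticator"
    value, off = macs[0]
    if len(value) != 16:
        return False, "malformed Message-Authenticator"
    zeroed = pkt[:off] + bytes(16) + pkt[off + 16:]
    if not hmac.compare_digest(hmac.new(secret, zeroed, "md5").digest(), value):
        return False, "Message-Authenticator mismatch"  # attributes altered in transit
    return True, "ok"

def verify_response(resp, request_auth, secret):
    """Client-side check of the Response Authenticator (the forgeable value)."""
    return hmac.compare_digest(resp[4:20], response_authenticator(resp, request_auth, secret))
```

Without the collision, simply copying an Access-Reject's Response Authenticator onto an Access-Accept fails `verify_response`; the point of the collision is to make that copy succeed, which is why the keyed Message-Authenticator must be required instead.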
For more information about the HPE Aruba Networking products End of Support policy, visit: https://networkingsupport.hpe.com/end-of-life

Final Resolution Pending
========================
HPE Aruba Networking

- EdgeConnect SD-WAN Gateway
- EdgeConnect SD-WAN Orchestrator
- Aruba Access Points running InstantOS 8 and ArubaOS 10

These products are pending resolution. This advisory will be updated as more information becomes available. See the workaround section in this document for mitigation information.

Workaround
==========
Network Operators who rely on the RADIUS protocol for device and/or user authentication should update their software and configuration to a secure form of the protocol for both clients and servers. Where available, using EAP-TLS (assuming Message-Authenticator is properly configured on the RADIUS server) or RadSec will mitigate the vulnerability. This workaround applies to all products.

In instances where product upgrades are not available, network isolation and secure VPN tunnel communications should be enforced for the RADIUS protocol to restrict access to these network resources from untrusted sources.

For assistance in implementing EAP-TLS or RadSec on individual products, contact HPE Services - Aruba Networking.

Exploitation and Public Discussion
==================================
The original research paper this vulnerability is based on is accessible at https://www.blastradius.fail/pdf/radius.pdf

Additionally, the IETF is working towards deprecating certain options in RADIUS.
More information is accessible at https://datatracker.ietf.org/doc/html/draft-ietf-radext-deprecating-radius-01

Revision History
================
Revision 1 / 2024-Jul-09 / Initial release
Revision 2 / 2024-Jul-12 / Improvements to the Workaround, Affected Products, and Resolution Sections, Added Unaffected Products
Revision 3 / 2024-Aug-30 / Added AFC to Affected Products and Resolution Sections

HPE Aruba Networking SIRT Security Procedures
=============================================
Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us

For reporting *NEW* HPE Aruba Networking security issues, email can be sent to aruba-sirt(at)hpe.com. For sensitive information we encourage the use of PGP encryption. Our public keys can be found at: https://www.hpe.com/info/psrt-pgp-key

(c) Copyright 2024 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.