Authentication bypass in FreeRADIUS

Published: 2017-05-30
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-9148
Exploitation vector Network
Public exploit N/A
Vulnerable software
Server applications / Directory software, identity management

Vendor FreeRADIUS Server Project

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Authentication bypass


Risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-9148

CWE-ID: CWE-592 - Authentication Bypass Issues

Exploit availability: No


The vulnerability allows a remote attacker to bypass authentication on the target system.

The weakness exists due to failure when preventing resumption of an unauthenticated session by TLS session cache. A remote attacker can use PEAP or TTLS to bypass authentication and cause the target server to issue an Extensible Authentication Protocol (EAP)

Successful exploitation of the vulnerability may result in unauthorized access to the system.


Update to version 3.0.14.

Vulnerable software versions

FreeRADIUS: 0.1 - 3.0.13

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected application in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.