Blast-RADIUS is a vulnerability that affects the RADIUS protocol (CVE-2024-3596)
25028
Published: 24 September 2024
Last Updated: 24 September 2024
Status: CLOSED
Severity: MEDIUM
CVSS Score: 6.5
CVE: CVE-2024-3596
Brocade Security Advisory ID: BSA-2024-2632
Component: RADIUS Protocol
Summary
A vulnerability in the way a RADIUS client verifies Responses from a RADIUS server has been disclosed by a team of researchers from UC San Diego and their partners. An attacker positioned on the network path between the RADIUS client and server, where RADIUS is carried over UDP, can intercept and spoof a RADIUS Response packet, turning any valid Response (Access-Accept, Access-Reject, or Access-Challenge) into any other response type with almost any content, completely under the attacker's control; in particular, an Access-Reject can be rewritten as an Access-Accept.
For additional information regarding this vulnerability, please see https://blastradius.fail.
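The two integrity checks a RADIUS client can apply to a Response are worth seeing side by side: the Response Authenticator of RFC 2865 (an unkeyed MD5 over the packet with the shared secret appended, which is what Blast-RADIUS defeats) and the Message-Authenticator attribute of RFC 2869 (HMAC-MD5 keyed with the shared secret, which an attacker without the secret cannot forge). The following is an added example written for this page; it is not Brocade's code, not the researchers' proof of concept, and not a description of how Brocade Fabric OS or SANnav implement RADIUS. The shared secret, Request Authenticator and attribute values are constructed sample data, and `forge_code` is a stand-in: it produces the forged packet's Response Authenticator using the secret, whereas the real attack obtains an equivalent result without the secret through an MD5 chosen-prefix collision, which this example does not reproduce.

```python
import hashlib
import hmac
import struct

# RADIUS codes (RFC 2865 section 3) and the attribute types used below.
ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 2, 3, 11
ATTR_REPLY_MESSAGE = 18
ATTR_MESSAGE_AUTHENTICATOR = 80  # RFC 2869 section 5.14: HMAC-MD5 keyed with the shared secret
HEADER = struct.Struct("!BBH16s")  # Code, Identifier, Length, Authenticator


def encode_attrs(attrs):
    """Encode (type, value) pairs as RADIUS TLVs: 1-byte type, 1-byte total length, value."""
    out = bytearray()
    for t, v in attrs:
        if len(v) > 253:
            raise ValueError("attribute value too long")
        out += bytes([t, len(v) + 2]) + v
    return bytes(out)


def find_attr(body, wanted):
    """Offset of the first attribute of type `wanted`, or None; raises on malformed TLVs."""
    pos = 0
    while pos < len(body):
        ln = body[pos + 1] if pos + 2 <= len(body) else 0
        if ln < 2 or pos + ln > len(body):
            raise ValueError("malformed attribute")
        if body[pos] == wanted:
            return pos
        pos += ln
    return None


def build_response(code, ident, request_auth, attrs, secret, with_msg_auth=True):
    """Build an Access-Accept/Reject/Challenge the way a RADIUS server does."""
    if with_msg_auth:
        attrs = attrs + [(ATTR_MESSAGE_AUTHENTICATOR, bytes(16))]  # zero placeholder, filled below
    body = encode_attrs(attrs)
    length = HEADER.size + len(body)
    if with_msg_auth:
        # HMAC-MD5(secret, Code | ID | Length | Request Authenticator | Attributes), computed with the
        # Message-Authenticator value zeroed. It is the last attribute, so its value is the final 16 bytes.
        mac = hmac.new(secret, HEADER.pack(code, ident, length, request_auth) + body, hashlib.md5).digest()
        body = body[:-16] + mac
    # Response Authenticator = MD5(Code | ID | Length | Request Authenticator | Attributes | Secret):
    # unkeyed MD5 with the secret appended. This is the check Blast-RADIUS defeats.
    resp_auth = hashlib.md5(struct.pack("!BBH", code, ident, length) + request_auth + body + secret).digest()
    return HEADER.pack(code, ident, length, resp_auth) + body


def verify_response(pkt, request_auth, secret, require_msg_auth=True):
    """Client-side check of a server Response. Returns (accepted, reason)."""
    if len(pkt) < HEADER.size:
        return False, "short packet"
    code, ident, length, resp_auth = HEADER.unpack_from(pkt)
    if length != len(pkt) or code not in (ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE):
        return False, "bad length or code"
    body = pkt[HEADER.size:]
    expected = hashlib.md5(pkt[:4] + request_auth + body + secret).digest()
    if not hmac.compare_digest(expected, resp_auth):
        return False, "bad Response Authenticator"
    try:
        off = find_attr(body, ATTR_MESSAGE_AUTHENTICATOR)
    except ValueError as err:
        return False, str(err)
    if off is None:
        return (False, "Message-Authenticator missing") if require_msg_auth else (True, "accepted on Response Authenticator only")
    if body[off + 1] != 18:
        return False, "malformed Message-Authenticator"
    zeroed = pkt[:4] + request_auth + body[:off + 2] + bytes(16) + body[off + 18:]
    if not hmac.compare_digest(hmac.new(secret, zeroed, hashlib.md5).digest(), body[off + 2:off + 18]):
        return False, "bad Message-Authenticator"
    return True, "accepted, Message-Authenticator verified"


def forge_code(pkt, request_auth, secret, new_code):
    """Stand-in for the attacker's forgery: rewrite the Code and attach a matching Response
    Authenticator. Here it is recomputed with the secret (which a real attacker lacks); Blast-RADIUS
    gets the same effect via an MD5 chosen-prefix collision. Attributes are copied unchanged."""
    _, ident, length, _ = HEADER.unpack_from(pkt)
    body = pkt[HEADER.size:]
    resp_auth = hashlib.md5(struct.pack("!BBH", new_code, ident, length) + request_auth + body + secret).digest()
    return HEADER.pack(new_code, ident, length, resp_auth) + body


def demo():
    """Run the cases on constructed values (secret and Request Authenticator are sample data)."""
    secret, request_auth = b"constructed-shared-secret", bytes(range(16))
    attrs = [(ATTR_REPLY_MESSAGE, b"login denied")]
    legacy = build_response(ACCESS_REJECT, 7, request_auth, attrs, secret, with_msg_auth=False)
    modern = build_response(ACCESS_REJECT, 8, request_auth, attrs, secret)
    return {
        "legacy_forged_lenient": verify_response(forge_code(legacy, request_auth, secret, ACCESS_ACCEPT), request_auth, secret, False),
        "legacy_strict": verify_response(legacy, request_auth, secret),
        "modern_ok": verify_response(modern, request_auth, secret),
        "modern_forged": verify_response(forge_code(modern, request_auth, secret, ACCESS_ACCEPT), request_auth, secret),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:22s} accepted={ok!s:5s} {why}")
```

The four cases in `demo` are the point: a client that accepts a Response on the Response Authenticator alone (`legacy_forged_lenient`) takes the rewritten Access-Accept, while the same client refusing any Response without a Message-Authenticator (`legacy_strict`) and checking the HMAC when one is present (`modern_forged`) rejects the forgery, because the HMAC covers the Code byte and cannot be recomputed without the secret. This is the RFC-level check; the advisory's own mitigation for Fabric OS is to move the exchange into a TLS channel with PEAP-MSCHAPv2, and for SANnav to use another protocol such as LDAP.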
Products Affected
- All versions of Brocade Fabric OS configured to use RADIUS without Transport Layer Security (TLS).
- All versions of Brocade SANnav configured to use RADIUS.
Products Confirmed Not Affected
- Brocade ASCG: [VEX Justification: Component_not_present]
Solution
- Brocade Fabric OS is not vulnerable when RADIUS is configured to use PEAP-MSCHAPv2, a supported mode that carries the authentication exchange inside a TLS channel. Brocade Fabric OS is vulnerable when configured to use RADIUS with PAP or CHAP. Brocade recommends that customers configure and use PEAP-MSCHAPv2 when using RADIUS, to avoid this vulnerability.
- Note: The Brocade Fabric OS Administration Guide provides instructions on PEAP-MSCHAPv2 configuration; see Appendix A: Setting Up the AAA Server Configuration.
- Brocade SANnav is vulnerable when configured to use RADIUS with PAP or CHAP. Brocade recommends using an alternative protocol such as LDAP.
Revision History
Version | Change | Date
1.0 | Initial Publication | September 24, 2024
Disclaimer
THIS DOCUMENT IS PROVIDED ON AN AS-IS BASIS SOLELY FOR INFORMATIONAL PURPOSES AND DOES NOT IMPLY ANY KIND OF GUARANTY OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. YOUR USE OF THE INFORMATION CONTAINED HEREIN IS AT YOUR OWN RISK. ALL INFORMATION PROVIDED HEREIN IS BASED ON BROCADE'S CURRENT KNOWLEDGE AND UNDERSTANDING OF THE VULNERABILITY AND IMPACT TO BROCADE HARDWARE AND SOFTWARE PRODUCTS. BROCADE RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.