Unrated severityNVD Advisory· Published Nov 20, 2012· Updated Jun 16, 2026
CVE-2012-4523
CVE-2012-4523
Description
radsecproxy before 1.6.1 does not properly verify certificates when there are configuration blocks with CA settings that are unrelated to the block being used for verifying the certificate chain, which might allow remote attackers to bypass intended access restrictions and spoof clients.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18cpe:2.3:a:uninett:radsecproxy:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:uninett:radsecproxy:*:*:*:*:*:*:*:*range: <=1.6
- cpe:2.3:a:uninett:radsecproxy:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.0:alpha-p1:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.0:p1:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.1:alpha:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.1:beta:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.3:alpha:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.3:beta:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:uninett:radsecproxy:1.5:*:*:*:*:*:*:*
- Range: <1.6.1
Patches
Vulnerability mechanics
References
8- secunia.com/advisories/51251nvdVendor Advisory
- www.debian.org/security/2012/dsa-2573nvd
- www.openwall.com/lists/oss-security/2012/10/17/7nvd
- www.openwall.com/lists/oss-security/2012/10/31/6nvd
- www.securityfocus.com/bid/56105nvd
- postlister.uninett.no/sympa/arc/radsecproxy/2012-09/msg00001.htmlnvd
- postlister.uninett.no/sympa/arc/radsecproxy/2012-09/msg00006.htmlnvd
- project.nordu.net/browse/RADSECPROXY-43nvd
News mentions
0No linked articles in our index yet.