High severity7.5NVD Advisory· Published Apr 5, 2017· Updated Jun 17, 2026
CVE-2015-4680
CVE-2015-4680
Description
FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
34cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*+ 17 more
- cpe:2.3:a:freeradius:freeradius:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:freeradius:freeradius:3.0.8:*:*:*:*:*:*:*
- (no CPE)range: 2.2.x before 2.2.8, 3.0.x before 3.0.9
cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:sp2:*:*:*:*:raspberry_pi:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*
- osv-coords11 versionspkg:rpm/opensuse/freeradius-server&distro=openSUSE%20Tumbleweedpkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/freeradius-server&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 3.0.23-1.5+ 10 more
- (no CPE)range: < 3.0.23-1.5
- (no CPE)range: < 2.1.1-7.24.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 2.1.1-7.24.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 2.1.1-7.24.1
- (no CPE)range: < 3.0.3-14.1
- (no CPE)range: < 3.0.3-14.1
Patches
Vulnerability mechanics
References
7- packetstormsecurity.com/files/132415/FreeRADIUS-Insufficient-CRL-Application.htmlnvdPatchThird Party AdvisoryVDB Entry
- www.ocert.org/advisories/ocert-2015-008.htmlnvdPatchThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatch
- lists.opensuse.org/opensuse-security-announce/2017-01/msg00010.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/75327nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032690nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/535810/100/0/threadednvd
News mentions
0No linked articles in our index yet.