Cisco VPN 5000 RADIUS PAP authentication vulnerability
The Cisco VPN 5000 series concentrator running firmware versions 6.0.21.0002 and 5.2.23.003 (and prior) sends the user's password in plain text to the RADIUS server in PAP authentication validation retry request packets. Attackers sniffing the network may be able to recover the user's password.
Show Name: Thoughts on Security at Cisco Live US 2018 in Orlando
Contributors: Kevin Klous, David White Jr., Aaron Woland, Jeff Fanelli
Posting Date: June 2018
Description: The team goes on-site in the Cisco Live Speaker room in...
RADIUS and Symantec VIP.
I will use screenshots of ASDM, and at the end I will add the required CLI commands. The diagram below shows the steps the FW goes through when using 2FA authentication:
As you can see in Fig. 1...