Описание
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Technical DescriptionThird Party Advisory
- MitigationPatchThird Party Advisory
- Third Party Advisory
- MitigationPatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Technical DescriptionThird Party Advisory
- MitigationPatchThird Party Advisory
- Third Party Advisory
- MitigationPatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 throug ...
EPSS
6.5 Medium
CVSS3
3.3 Low
CVSS2