exploitDog

CVE-2019-9414

Опубликовано: 27 сент. 2019

Источник: nvd

CVSS3: 5.9

CVSS2: 4.3

EPSS Низкий

Описание

In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041

Ссылки

https://source.android.com/security/bulletin/android-10
Vendor Advisory
https://source.android.com/security/bulletin/android-10
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00143

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-739f-97jx-cppr

CVSS3: 5.9

github

больше 3 лет назад

In wpa_supplicant, there is a possible man in the middle vulnerability due to improper input validation of the basicConstraints field of intermediary certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111893041

EPSS

Процентиль: 35%

0.00143

Низкий

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20