Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-9498

Опубликовано: 17 апр. 2019
Источник: nvd
CVSS3: 8.1
CVSS2: 6.8
EPSS Низкий

Описание

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*
Версия до 2.4 (включая)
cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*
Версия от 2.5 (включая) до 2.7 (включая)
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*
Версия до 2.4 (включая)
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*
Версия от 2.5 (включая) до 2.7 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Конфигурация 5

Одно из

cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*
cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*
Конфигурация 6

Одно из

cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Версия от 11.0 (включая) до 11.1 (включая)
cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p13:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*

EPSS

Процентиль: 77%
0.01043
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-346
CWE-287

Связанные уязвимости

ubuntu логотип

CVE-2019-9498

CVSS3: 8.1
ubuntu
почти 7 лет назад

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

redhat логотип

CVE-2019-9498

CVSS3: 6.8
redhat
почти 7 лет назад

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

debian логотип

CVE-2019-9498

CVSS3: 8.1
debian
почти 7 лет назад

The implementations of EAP-PWD in hostapd EAP Server, when built again ...

github логотип

GHSA-vv3p-4cq3-5ppc

CVSS3: 8.1
github
больше 3 лет назад

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

fstec логотип

BDU:2019-01948

CVSS3: 8.1
fstec
почти 7 лет назад

Уязвимость компонента EAP Server протокола EAP-PWD сертификации устройств беспроводной связи WPA, связанная с некорректным использованием привилегий, позволяющая нарушителю оказать воздействие на целостность и конфиденциальность данных или вызвать отказ в обслуживании

EPSS

Процентиль: 77%
0.01043
Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-346
CWE-287