CVE-2022-41859

Опубликовано: 17 янв. 2023

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS3: 7.5

Описание

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	not-affected	3.2.1+dfsg-1
esm-infra/bionic	ignored	changes too intrusive
esm-infra/focal	ignored	changes too intrusive
esm-infra/xenial	not-affected	code not present
focal	ignored	end of standard support, was ignored [changes too intrusive]
jammy	not-affected	3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu3
kinetic	not-affected	3.2.0+dfsg-1
trusty	ignored	end of standard support
upstream	needs-triage

Показывать по

Ссылки на источники

EPSS

Процентиль: 37%

0.00163

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2022-41859

CVSS3: 7.5

redhat

почти 4 года назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CVE-2022-41859

CVSS3: 7.5

nvd

около 3 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CVE-2022-41859

CVSS3: 7.5

debian

около 3 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks i ...

GHSA-cmvm-c7qf-pmc5

CVSS3: 7.5

github

около 3 лет назад

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

SUSE-SU-2023:0135-1

suse-cvrf

около 3 лет назад

Security update for freeradius-server

EPSS

Процентиль: 37%

0.00163

Низкий

7.5 High

CVSS3

CVE-2022-41859

Описание

Пакет freeradius

Ссылки на источники

Связанные уязвимости