All the vulnerabilites related to w1.fi - hostapd
cve-2015-4144
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/05/31/6 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/201606-17 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2650-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/05/09/6 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4144",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4144",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13078
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://support.apple.com/HT208222",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208222"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://support.apple.com/HT208220",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208220"
},
{
"name": "https://support.apple.com/HT208219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13078",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-10743
Vulnerability from cvelistv5
Published
2019-03-23 18:55
Modified
2024-08-06 03:30
Severity ?
EPSS score ?
Summary
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
References
| ▼ | URL | Tags |
|---|---|---|
| https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389 | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html | mailing-list, x_refsource_MLIST | |
| https://usn.ubuntu.com/3944-1/ | vendor-advisory, x_refsource_UBUNTU | |
| http://www.openwall.com/lists/oss-security/2020/02/27/1 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2020/02/27/2 | mailing-list, x_refsource_MLIST | |
| http://seclists.org/fulldisclosure/2020/Feb/26 | mailing-list, x_refsource_FULLDISC | |
| http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T03:30:20.386Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html"
},
{
"name": "USN-3944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3944-1/"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-03-01T17:06:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html"
},
{
"name": "USN-3944-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3944-1/"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-10743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389",
"refsource": "MISC",
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[debian-lts-announce] 20190328 [SECURITY] [DLA 1733-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html"
},
{
"name": "USN-3944-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3944-1/"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"name": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-10743",
"datePublished": "2019-03-23T18:55:50",
"dateReserved": "2019-03-23T00:00:00",
"dateUpdated": "2024-08-06T03:30:20.386Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4141
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/05/31/6 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt | x_refsource_CONFIRM | |
| https://security.gentoo.org/glsa/201606-17 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2650-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/05/09/4 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:03.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - WPS UPnP vulnerability with HTTP chunked transfer encoding",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - WPS UPnP vulnerability with HTTP chunked transfer encoding",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/4"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4141",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - WPS UPnP vulnerability with HTTP chunked transfer encoding",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/4"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4141",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:03.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23303
Vulnerability from cvelistv5
Published
2022-01-17 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://w1.fi/security/2022-1/"
},
{
"name": "FEDORA-2022-da8222a1bc",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T10:06:19.467622",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://w1.fi/security/2022-1/"
},
{
"name": "FEDORA-2022-da8222a1bc",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23303",
"datePublished": "2022-01-17T00:00:00",
"dateReserved": "2022-01-17T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3686
Vulnerability from cvelistv5
Published
2014-10-16 00:00
Modified
2024-08-06 10:50
Severity ?
EPSS score ?
Summary
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:50:18.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "60366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60366"
},
{
"name": "DSA-3052",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2014/dsa-3052"
},
{
"name": "openSUSE-SU-2014:1314",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html"
},
{
"name": "60428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/60428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2014-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0429.html"
},
{
"name": "MDVSA-2015:120",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:120"
},
{
"name": "[oss-security] 20141009 wpa_cli and hostapd_cli action script execution vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2014/10/09/28"
},
{
"name": "RHSA-2014:1956",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1956.html"
},
{
"name": "61271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/61271"
},
{
"name": "openSUSE-SU-2014:1313",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "SUSE-SU-2014:1356",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259"
},
{
"name": "USN-2383-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2383-1"
},
{
"name": "70396",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/70396"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-07-25T16:57:02",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "60366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60366"
},
{
"name": "DSA-3052",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2014/dsa-3052"
},
{
"name": "openSUSE-SU-2014:1314",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html"
},
{
"name": "60428",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/60428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2014-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0429.html"
},
{
"name": "MDVSA-2015:120",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:120"
},
{
"name": "[oss-security] 20141009 wpa_cli and hostapd_cli action script execution vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2014/10/09/28"
},
{
"name": "RHSA-2014:1956",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1956.html"
},
{
"name": "61271",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/61271"
},
{
"name": "openSUSE-SU-2014:1313",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "SUSE-SU-2014:1356",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259"
},
{
"name": "USN-2383-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2383-1"
},
{
"name": "70396",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/70396"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3686",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "60366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60366"
},
{
"name": "DSA-3052",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3052"
},
{
"name": "openSUSE-SU-2014:1314",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html"
},
{
"name": "60428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60428"
},
{
"name": "http://w1.fi/security/2014-1/",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2014-1/"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0429.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0429.html"
},
{
"name": "MDVSA-2015:120",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:120"
},
{
"name": "[oss-security] 20141009 wpa_cli and hostapd_cli action script execution vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/10/09/28"
},
{
"name": "RHSA-2014:1956",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1956.html"
},
{
"name": "61271",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61271"
},
{
"name": "openSUSE-SU-2014:1313",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "SUSE-SU-2014:1356",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259"
},
{
"name": "USN-2383-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2383-1"
},
{
"name": "70396",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70396"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-3686",
"datePublished": "2014-10-16T00:00:00",
"dateReserved": "2014-05-14T00:00:00",
"dateUpdated": "2024-08-06T10:50:18.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13080
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039703"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-10T20:06:15",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039703"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "https://support.apple.com/HT208327",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208327"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://support.apple.com/HT208325",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208325"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "1039572",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039572"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://support.apple.com/HT208222",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208222"
},
{
"name": "https://support.apple.com/HT208334",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208334"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://support.apple.com/HT208220",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208220"
},
{
"name": "https://support.apple.com/HT208219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "1039703",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039703"
},
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
"refsource": "CONFIRM",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13080",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.283Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-16275
Vulnerability from cvelistv5
Published
2019-09-12 19:07
Modified
2024-08-05 01:10
Severity ?
EPSS score ?
Summary
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:10:41.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/11/7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2019-7/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt"
},
{
"name": "[oss-security] 20190912 Re: hostapd/wpa_supplicant: AP mode PMF disconnection protection bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/6"
},
{
"name": "[debian-lts-announce] 20190916 [SECURITY] [DLA 1922-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html"
},
{
"name": "USN-4136-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4136-1/"
},
{
"name": "USN-4136-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4136-2/"
},
{
"name": "DSA-4538",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"name": "FEDORA-2019-0e0b28001d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/"
},
{
"name": "FEDORA-2019-740834c559",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/"
},
{
"name": "FEDORA-2019-2265b5ae86",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBJXUKV6XMSELWNXPS37CSUIH5EUHFXQ/"
},
{
"name": "FEDORA-2019-65509aac53",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD/"
},
{
"name": "FEDORA-2019-2bdcccee3c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HY6STGJIIROVNIU6VMB2WTN2Q5M65WF4/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-17T18:07:13",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/11/7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2019-7/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt"
},
{
"name": "[oss-security] 20190912 Re: hostapd/wpa_supplicant: AP mode PMF disconnection protection bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/6"
},
{
"name": "[debian-lts-announce] 20190916 [SECURITY] [DLA 1922-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html"
},
{
"name": "USN-4136-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4136-1/"
},
{
"name": "USN-4136-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4136-2/"
},
{
"name": "DSA-4538",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"name": "FEDORA-2019-0e0b28001d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/"
},
{
"name": "FEDORA-2019-740834c559",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/"
},
{
"name": "FEDORA-2019-2265b5ae86",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBJXUKV6XMSELWNXPS37CSUIH5EUHFXQ/"
},
{
"name": "FEDORA-2019-65509aac53",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD/"
},
{
"name": "FEDORA-2019-2bdcccee3c",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HY6STGJIIROVNIU6VMB2WTN2Q5M65WF4/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-16275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2019/09/11/7",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/09/11/7"
},
{
"name": "https://w1.fi/security/2019-7/",
"refsource": "MISC",
"url": "https://w1.fi/security/2019-7/"
},
{
"name": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt"
},
{
"name": "[oss-security] 20190912 Re: hostapd/wpa_supplicant: AP mode PMF disconnection protection bypass",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/6"
},
{
"name": "[debian-lts-announce] 20190916 [SECURITY] [DLA 1922-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html"
},
{
"name": "USN-4136-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4136-1/"
},
{
"name": "USN-4136-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4136-2/"
},
{
"name": "DSA-4538",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"name": "FEDORA-2019-0e0b28001d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/"
},
{
"name": "FEDORA-2019-740834c559",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/"
},
{
"name": "FEDORA-2019-2265b5ae86",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PBJXUKV6XMSELWNXPS37CSUIH5EUHFXQ/"
},
{
"name": "FEDORA-2019-65509aac53",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD/"
},
{
"name": "FEDORA-2019-2bdcccee3c",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HY6STGJIIROVNIU6VMB2WTN2Q5M65WF4/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-16275",
"datePublished": "2019-09-12T19:07:09",
"dateReserved": "2019-09-12T00:00:00",
"dateUpdated": "2024-08-05T01:10:41.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-30004
Vulnerability from cvelistv5
Published
2021-04-02 00:00
Modified
2024-08-03 22:24
Severity ?
EPSS score ?
Summary
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:24:59.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T10:06:17.989585",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-30004",
"datePublished": "2021-04-02T00:00:00",
"dateReserved": "2021-04-02T00:00:00",
"dateUpdated": "2024-08-03T22:24:59.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13084
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-10T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13084",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8041
Vulnerability from cvelistv5
Published
2015-11-09 16:00
Modified
2024-08-06 08:06
Severity ?
EPSS score ?
Summary
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html | vendor-advisory, x_refsource_SUSE | |
| https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/75604 | vdb-entry, x_refsource_BID | |
| http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/11/02/5 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:06:31.772Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog"
},
{
"name": "openSUSE-SU-2015:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog"
},
{
"name": "75604",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75604"
},
{
"name": "openSUSE-SU-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html"
},
{
"name": "[oss-security] 20150708 hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/02/5"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-07-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-03T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog"
},
{
"name": "openSUSE-SU-2015:1912",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog"
},
{
"name": "75604",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75604"
},
{
"name": "openSUSE-SU-2015:1920",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html"
},
{
"name": "[oss-security] 20150708 hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/11/02/5"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog",
"refsource": "CONFIRM",
"url": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog"
},
{
"name": "openSUSE-SU-2015:1912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html"
},
{
"name": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog",
"refsource": "CONFIRM",
"url": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog"
},
{
"name": "75604",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75604"
},
{
"name": "openSUSE-SU-2015:1920",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html"
},
{
"name": "[oss-security] 20150708 hostapd/wpa_supplicant - Incomplete WPS and P2P NFC NDEF record payload length validation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/11/02/5"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8041",
"datePublished": "2015-11-09T16:00:00",
"dateReserved": "2015-11-02T00:00:00",
"dateUpdated": "2024-08-06T08:06:31.772Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-11555
Vulnerability from cvelistv5
Published
2019-04-26 21:16
Modified
2024-08-04 22:55
Severity ?
EPSS score ?
Summary
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:55:41.021Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2019/04/18/6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2019-5/"
},
{
"name": "[oss-security] 20190426 Re: wpa_supplicant/hostapd: EAP-pwd message reassembly issue with unexpected fragment",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/26/1"
},
{
"name": "USN-3969-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3969-1/"
},
{
"name": "USN-3969-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3969-2/"
},
{
"name": "FEDORA-2019-ff1b728d09",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T7G763UECWR7FQXOJVL67PW7C5A3SA4/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "DSA-4450",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4450"
},
{
"name": "20190527 [SECURITY] [DSA 4450-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/64"
},
{
"name": "FEDORA-2019-28d3ca93d2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQ6P2GI5GSXRNLNIUNPARFZQVDEIGVZD/"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "FEDORA-2019-d6bc3771a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJKZHAT5KPUN26JL77EUH563GAH5XZ5C/"
},
{
"name": "GLSA-201908-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201908-25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-18T04:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2019/04/18/6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2019-5/"
},
{
"name": "[oss-security] 20190426 Re: wpa_supplicant/hostapd: EAP-pwd message reassembly issue with unexpected fragment",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/26/1"
},
{
"name": "USN-3969-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3969-1/"
},
{
"name": "USN-3969-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3969-2/"
},
{
"name": "FEDORA-2019-ff1b728d09",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T7G763UECWR7FQXOJVL67PW7C5A3SA4/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "DSA-4450",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4450"
},
{
"name": "20190527 [SECURITY] [DSA 4450-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/64"
},
{
"name": "FEDORA-2019-28d3ca93d2",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQ6P2GI5GSXRNLNIUNPARFZQVDEIGVZD/"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "FEDORA-2019-d6bc3771a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJKZHAT5KPUN26JL77EUH563GAH5XZ5C/"
},
{
"name": "GLSA-201908-25",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201908-25"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-11555",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2019/04/18/6",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2019/04/18/6"
},
{
"name": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt"
},
{
"name": "https://w1.fi/security/2019-5/",
"refsource": "MISC",
"url": "https://w1.fi/security/2019-5/"
},
{
"name": "[oss-security] 20190426 Re: wpa_supplicant/hostapd: EAP-pwd message reassembly issue with unexpected fragment",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/04/26/1"
},
{
"name": "USN-3969-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3969-1/"
},
{
"name": "USN-3969-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3969-2/"
},
{
"name": "FEDORA-2019-ff1b728d09",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5T7G763UECWR7FQXOJVL67PW7C5A3SA4/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "DSA-4450",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4450"
},
{
"name": "20190527 [SECURITY] [DSA 4450-1] wpa security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/64"
},
{
"name": "FEDORA-2019-28d3ca93d2",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQ6P2GI5GSXRNLNIUNPARFZQVDEIGVZD/"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "FEDORA-2019-d6bc3771a4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DJKZHAT5KPUN26JL77EUH563GAH5XZ5C/"
},
{
"name": "GLSA-201908-25",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201908-25"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-11555",
"datePublished": "2019-04-26T21:16:24",
"dateReserved": "2019-04-26T00:00:00",
"dateUpdated": "2024-08-04T22:55:41.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9496
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with SAE support |
Version: 2.7 < |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-642",
"description": "CWE-642 External Control of Critical State Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:10",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9496",
"STATE": "PUBLIC",
"TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-642 External Control of Critical State Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-3/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-3/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9496",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13077
Vulnerability from cvelistv5
Published
2017-10-17 02:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.291Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "1041432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "1041432",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041432"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208222"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208220"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13077",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "1041432",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041432"
},
{
"name": "https://source.android.com/security/bulletin/2018-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "https://support.apple.com/HT208222",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208222"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://support.apple.com/HT208220",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208220"
},
{
"name": "https://source.android.com/security/bulletin/2018-06-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"name": "https://support.apple.com/HT208219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208219"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13077",
"datePublished": "2017-10-17T02:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.291Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-12695
Vulnerability from cvelistv5
Published
2020-06-08 16:45
Modified
2024-08-04 12:04
Severity ?
EPSS score ?
Summary
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:04:22.578Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.callstranger.com"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"name": "[oss-security] 20200608 hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/yunuscadirci/CallStranger"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/corelight/callstranger-detector"
},
{
"name": "FEDORA-2020-df3e1cfde9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/"
},
{
"name": "FEDORA-2020-1f7fc0d0c9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/"
},
{
"name": "FEDORA-2020-e538e3e526",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2315-1] gupnp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"name": "USN-4494-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"name": "DSA-4806",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2489-1] minidlna security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"name": "DSA-4898",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4898"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-22T23:06:21",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.callstranger.com"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"name": "[oss-security] 20200608 hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/yunuscadirci/CallStranger"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/corelight/callstranger-detector"
},
{
"name": "FEDORA-2020-df3e1cfde9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/"
},
{
"name": "FEDORA-2020-1f7fc0d0c9",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/"
},
{
"name": "FEDORA-2020-e538e3e526",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2315-1] gupnp security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"name": "USN-4494-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"name": "DSA-4806",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2489-1] minidlna security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"name": "DSA-4898",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4898"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-12695",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.callstranger.com",
"refsource": "MISC",
"url": "https://www.callstranger.com"
},
{
"name": "https://www.kb.cert.org/vuls/id/339275",
"refsource": "MISC",
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"name": "[oss-security] 20200608 hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"name": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of",
"refsource": "MISC",
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
},
{
"name": "https://github.com/yunuscadirci/CallStranger",
"refsource": "MISC",
"url": "https://github.com/yunuscadirci/CallStranger"
},
{
"name": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
},
{
"name": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/",
"refsource": "MISC",
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"name": "https://github.com/corelight/callstranger-detector",
"refsource": "MISC",
"url": "https://github.com/corelight/callstranger-detector"
},
{
"name": "FEDORA-2020-df3e1cfde9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/"
},
{
"name": "FEDORA-2020-1f7fc0d0c9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/"
},
{
"name": "FEDORA-2020-e538e3e526",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/"
},
{
"name": "[debian-lts-announce] 20200806 [SECURITY] [DLA 2315-1] gupnp security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"name": "USN-4494-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"name": "DSA-4806",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2489-1] minidlna security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"name": "DSA-4898",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4898"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-12695",
"datePublished": "2020-06-08T16:45:04",
"dateReserved": "2020-05-07T00:00:00",
"dateUpdated": "2024-08-04T12:04:22.578Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13087
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "RHSA-2017:2911",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13087",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5062
Vulnerability from cvelistv5
Published
2019-12-12 21:36
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.
References
| ▼ | URL | Tags |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:55.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "W1.f1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "hostapd version 2.6 on a Raspberry Pi."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-440",
"description": "CWE-440: Expected Behavior Violation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T17:33:39",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2019-5062",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "W1.f1",
"version": {
"version_data": [
{
"version_value": "hostapd version 2.6 on a Raspberry Pi."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.4,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-440: Expected Behavior Violation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2019-5062",
"datePublished": "2019-12-12T21:36:54",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:55.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-23304
Vulnerability from cvelistv5
Published
2022-01-17 00:00
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:36:20.403Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://w1.fi/security/2022-1/"
},
{
"name": "FEDORA-2022-da8222a1bc",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T10:06:20.892698",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://w1.fi/security/2022-1/"
},
{
"name": "FEDORA-2022-da8222a1bc",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"name": "GLSA-202309-16",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202309-16"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-23304",
"datePublished": "2022-01-17T00:00:00",
"dateReserved": "2022-01-17T00:00:00",
"dateUpdated": "2024-08-03T03:36:20.403Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-10064
Vulnerability from cvelistv5
Published
2020-02-28 14:07
Modified
2024-08-04 22:10
Severity ?
EPSS score ?
Summary
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
References
| ▼ | URL | Tags |
|---|---|---|
| https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2020/02/27/1 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2020/02/27/2 | mailing-list, x_refsource_MLIST | |
| http://seclists.org/fulldisclosure/2020/Feb/26 | mailing-list, x_refsource_FULLDISC | |
| http://www.openwall.com/lists/oss-security/2020/02/27/1 | x_refsource_MISC | |
| http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html | x_refsource_MISC | |
| https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html | mailing-list, x_refsource_MLIST | |
| https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:09.430Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"name": "[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-08T22:06:12",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"name": "[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389",
"refsource": "MISC",
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"name": "[oss-security] 20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "[oss-security] 20200227 Re: Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"name": "20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"name": "http://www.openwall.com/lists/oss-security/2020/02/27/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"name": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"name": "[debian-lts-announce] 20200311 [SECURITY] [DLA 2138-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"name": "[debian-lts-announce] 20200808 [SECURITY] [DLA 2318-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-10064",
"datePublished": "2020-02-28T14:07:14",
"dateReserved": "2019-03-26T00:00:00",
"dateUpdated": "2024-08-04T22:10:09.430Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9494
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with SAE support |
Version: 2.7 < |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Information Exposure Through Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524 Information Exposure Through Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:09",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9494",
"STATE": "PUBLIC",
"TITLE": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-1/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-1/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9494",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9498
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:07",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9498",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9498",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4142
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.867Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "FEDORA-2015-cfea96144a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html"
},
{
"name": "RHSA-2015:1439",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1439.html"
},
{
"name": "FEDORA-2015-6f16b5e39e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html"
},
{
"name": "1032625",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032625"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/5"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "FEDORA-2015-1521e91178",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "RHSA-2015:1090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1090.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213258"
},
{
"name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/May/34"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-17T06:08:43",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "FEDORA-2015-cfea96144a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html"
},
{
"name": "RHSA-2015:1439",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1439.html"
},
{
"name": "FEDORA-2015-6f16b5e39e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html"
},
{
"name": "1032625",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032625"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/5"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "FEDORA-2015-1521e91178",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "RHSA-2015:1090",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1090.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT213258"
},
{
"name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/May/34"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "FEDORA-2015-cfea96144a",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html"
},
{
"name": "RHSA-2015:1439",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1439.html"
},
{
"name": "FEDORA-2015-6f16b5e39e",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html"
},
{
"name": "1032625",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032625"
},
{
"name": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"
},
{
"name": "[oss-security] 20150509 CVE request: hostapd/wpa_supplicant - Integer underflow in AP mode WMM Action frame processing",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/5"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "FEDORA-2015-1521e91178",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "RHSA-2015:1090",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1090.html"
},
{
"name": "https://support.apple.com/kb/HT213258",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT213258"
},
{
"name": "20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/May/34"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4142",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.867Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4145
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/05/31/6 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/201606-17 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2650-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/05/09/6 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4145",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9495
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524 Information Exposure Through Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:10",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9495",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-2/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-2/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9495",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13082
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039571",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039571"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "1039570",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039570"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:11",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039571",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039571"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "1039570",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039570"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697",
"refsource": "CONFIRM",
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039571",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039571"
},
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "1039570",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039570"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://github.com/vanhoefm/krackattacks-test-ap-ft",
"refsource": "MISC",
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13082",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9497
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-301",
"description": "CWE-301",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:12",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9497",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-301"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9497",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-2389
Vulnerability from cvelistv5
Published
2012-06-21 15:00
Modified
2024-08-06 19:34
Severity ?
EPSS score ?
Summary
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=824660 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2012/05/23/13 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2012/05/23/5 | mailing-list, x_refsource_MLIST | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2012:168 | vendor-advisory, x_refsource_MANDRIVA | |
| http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html | vendor-advisory, x_refsource_FEDORA | |
| https://bugzilla.novell.com/show_bug.cgi?id=740964 | x_refsource_MISC | |
| http://www.openwall.com/lists/oss-security/2012/05/23/3 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:34:25.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824660"
},
{
"name": "[oss-security] 20120523 Re: CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/13"
},
{
"name": "[oss-security] 20120523 Re: CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/5"
},
{
"name": "MDVSA-2012:168",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"name": "FEDORA-2012-8611",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=740964"
},
{
"name": "[oss-security] 20120523 CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-19T09:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824660"
},
{
"name": "[oss-security] 20120523 Re: CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/13"
},
{
"name": "[oss-security] 20120523 Re: CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/5"
},
{
"name": "MDVSA-2012:168",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"name": "FEDORA-2012-8611",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.novell.com/show_bug.cgi?id=740964"
},
{
"name": "[oss-security] 20120523 CVE request(?): hostapd: improper file permissions of hostapd\u0027s config leaks credentials",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/3"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-2389",
"datePublished": "2012-06-21T15:00:00",
"dateReserved": "2012-04-19T00:00:00",
"dateUpdated": "2024-08-06T19:34:25.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-4445
Vulnerability from cvelistv5
Published
2012-10-10 18:00
Modified
2024-08-06 20:35
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
},
{
"name": "[oss-security] 20121008 [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
},
{
"name": "50805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50805"
},
{
"name": "DSA-2557",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2557"
},
{
"name": "1027808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027808"
},
{
"name": "MDVSA-2012:168",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"name": "86051",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86051"
},
{
"name": "55826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55826"
},
{
"name": "FreeBSD-SA-12:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
},
{
"name": "hostapd-eaptls-dos(79104)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
},
{
"name": "50888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small \"TLS Message Length\" value in an EAP-TLS message with the \"More Fragments\" flag set."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
},
{
"name": "[oss-security] 20121008 [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
},
{
"name": "50805",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50805"
},
{
"name": "DSA-2557",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2557"
},
{
"name": "1027808",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027808"
},
{
"name": "MDVSA-2012:168",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"name": "86051",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86051"
},
{
"name": "55826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55826"
},
{
"name": "FreeBSD-SA-12:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
},
{
"name": "hostapd-eaptls-dos(79104)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
},
{
"name": "50888",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50888"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4445",
"datePublished": "2012-10-10T18:00:00",
"dateReserved": "2012-08-21T00:00:00",
"dateUpdated": "2024-08-06T20:35:09.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4143
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/05/31/6 | mailing-list, x_refsource_MLIST | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/201606-17 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2650-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/05/09/6 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4143",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13088
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-18T12:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13088",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-4476
Vulnerability from cvelistv5
Published
2016-05-09 10:00
Modified
2024-08-06 00:32
Severity ?
EPSS score ?
Summary
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/05/03/12 | mailing-list, x_refsource_MLIST | |
| http://www.ubuntu.com/usn/USN-3455-1 | vendor-advisory, x_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20160503 Re: hostapd/wpa_supplicant - psk configuration parameter update allowing arbitrary data to be written",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/12"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \\n and \\r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-20T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20160503 Re: hostapd/wpa_supplicant - psk configuration parameter update allowing arbitrary data to be written",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/12"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-4476",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \\n and \\r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20160503 Re: hostapd/wpa_supplicant - psk configuration parameter update allowing arbitrary data to be written",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/12"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-4476",
"datePublished": "2016-05-09T10:00:00",
"dateReserved": "2016-05-03T00:00:00",
"dateUpdated": "2024-08-06T00:32:25.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-13377
Vulnerability from cvelistv5
Published
2019-08-15 16:05
Modified
2024-08-04 23:49
Severity ?
EPSS score ?
Summary
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.
References
| ▼ | URL | Tags |
|---|---|---|
| https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503 | x_refsource_MISC | |
| https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5 | x_refsource_MISC | |
| https://usn.ubuntu.com/4098-1/ | x_refsource_CONFIRM | |
| https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/ | vendor-advisory, x_refsource_FEDORA | |
| https://www.debian.org/security/2019/dsa-4538 | vendor-advisory, x_refsource_DEBIAN | |
| https://seclists.org/bugtraq/2019/Sep/56 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:49:24.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4098-1/"
},
{
"name": "FEDORA-2019-97e9040197",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/"
},
{
"name": "DSA-4538",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-30T05:06:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://usn.ubuntu.com/4098-1/"
},
{
"name": "FEDORA-2019-97e9040197",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/"
},
{
"name": "DSA-4538",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503",
"refsource": "MISC",
"url": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503"
},
{
"name": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5",
"refsource": "MISC",
"url": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5"
},
{
"name": "https://usn.ubuntu.com/4098-1/",
"refsource": "CONFIRM",
"url": "https://usn.ubuntu.com/4098-1/"
},
{
"name": "FEDORA-2019-97e9040197",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/"
},
{
"name": "DSA-4538",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"name": "20190929 [SECURITY] [DSA 4538-1] wpa security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/56"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-13377",
"datePublished": "2019-08-15T16:05:29",
"dateReserved": "2019-07-07T00:00:00",
"dateUpdated": "2024-08-04T23:49:24.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13081
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13081",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-9499
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
EPSS score ?
Summary
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
||||||||||||
|
|||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:08",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9499",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9499",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-5061
Vulnerability from cvelistv5
Published
2019-12-12 21:36
Modified
2024-08-04 19:47
Severity ?
EPSS score ?
Summary
An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
References
| ▼ | URL | Tags |
|---|---|---|
| https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:47:55.757Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "W1.f1",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "hostapd version 2.6 Ubiquiti AP-AC-Pro firmware 4.0.10.9653"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-440",
"description": "CWE-440: Expected Behavior Violation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T17:33:38",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2019-5061",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "W1.f1",
"version": {
"version_data": [
{
"version_value": "hostapd version 2.6 Ubiquiti AP-AC-Pro firmware 4.0.10.9653"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.4,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-440: Expected Behavior Violation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849",
"refsource": "MISC",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2019-5061",
"datePublished": "2019-12-12T21:36:45",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:47:55.757Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13086
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13086",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-13079
Vulnerability from cvelistv5
Published
2017-10-17 13:00
Modified
2024-08-05 18:58
Severity ?
EPSS score ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) |
Version: WPA Version: WPA2 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.231Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-13T10:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "SUSE-SU-2017:2745",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"name": "openSUSE-SU-2017:2755",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "SUSE-SU-2017:2752",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "1039585",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039585"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13079",
"datePublished": "2017-10-17T13:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.231Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4146
Vulnerability from cvelistv5
Published
2015-06-15 15:00
Modified
2024-08-06 06:04
Severity ?
EPSS score ?
Summary
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2015/05/31/6 | mailing-list, x_refsource_MLIST | |
| http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch | x_refsource_CONFIRM | |
| http://www.debian.org/security/2015/dsa-3397 | vendor-advisory, x_refsource_DEBIAN | |
| https://security.gentoo.org/glsa/201606-17 | vendor-advisory, x_refsource_GENTOO | |
| http://www.ubuntu.com/usn/USN-2650-1 | vendor-advisory, x_refsource_UBUNTU | |
| http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt | x_refsource_CONFIRM | |
| http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html | vendor-advisory, x_refsource_SUSE | |
| http://www.openwall.com/lists/oss-security/2015/05/09/6 | mailing-list, x_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:04:02.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
},
{
"name": "DSA-3397",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150531 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"name": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
},
{
"name": "DSA-3397",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"name": "GLSA-201606-17",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"name": "USN-2650-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"name": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt",
"refsource": "CONFIRM",
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"name": "openSUSE-SU-2015:1030",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"name": "[oss-security] 20150509 Re: CVE request: vulnerability in wpa_supplicant and hostapd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4146",
"datePublished": "2015-06-15T15:00:00",
"dateReserved": "2015-05-31T00:00:00",
"dateUpdated": "2024-08-06T06:04:02.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave temporal GTK (Group Temporal Key) durante la negociaci\u00f3n en cuatro pasos, haciendo que un atacante en el rango de radio reproduzca frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13078",
"lastModified": "2024-11-21T03:10:54.910",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.193",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208219"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208220"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208221"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208222"
},
{
"source": "cret@cert.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11w permite la reinstalaci\u00f3n de la clave temporal IGTK (Integrity Group Temporal Key) durante la negociaci\u00f3n en cuatro pasos, haciendo que un atacante en el rango de radio suplante frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13079",
"lastModified": "2024-11-21T03:10:55.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.367",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave TPK (Peer Key) TDLS (Tunneled Direct-Link Setup) durante la negociaci\u00f3n TDLS, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca, descifre o suplante frames."
}
],
"id": "CVE-2017-13086",
"lastModified": "2024-11-21T03:10:56.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.553",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-09 10:59
Modified
2024-11-21 02:52
Severity ?
Summary
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2016/05/03/12 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.ubuntu.com/usn/USN-3455-1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2016/05/03/12 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-3455-1 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 17.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A90C871-EFCB-4867-9338-0471B9A9B192",
"versionEndIncluding": "2.5",
"versionStartIncluding": "0.6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "84E8DC33-64D0-4507-8508-D0316070C1B2",
"versionEndIncluding": "2.5",
"versionStartIncluding": "0.6.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \\n and \\r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation."
},
{
"lang": "es",
"value": "hostapd 0.6.7 hasta la versi\u00f3n 2.5 y wpa_supplicant 0.6.7 hasta la versi\u00f3n 2.5 no rechaza caracteres \\n y \\r en par\u00e1metros passphrase, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corte de demonio) a trav\u00e9s de una operaci\u00f3n WPS manipulada."
}
],
"id": "CVE-2016-4476",
"lastModified": "2024-11-21T02:52:18.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-09T10:59:41.813",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/12"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/03/12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload."
},
{
"lang": "es",
"value": "La implementaci\u00f3n EAP-pwd server and peer en hostapd y wpa_supplicant 1.0 hasta 2.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (lectura fuera de rango y ca\u00edda) a trav\u00e9s de una carga \u00fatil de mensaje (1) Commit o (2) Confirm manipulada."
}
],
"id": "CVE-2015-4143",
"lastModified": "2024-11-21T02:30:30.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:07.913",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-26 22:29
Modified
2024-11-21 04:21
Severity ?
Summary
The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8A8224-43A2-4695-9FFE-DD2FB409C89F",
"versionEndExcluding": "2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "771CFB6E-2EC2-4453-98EC-42BFC280F745",
"versionEndExcluding": "2.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_supplicant (EAP peer) before 2.8 does not validate fragmentation reassembly state properly for a case where an unexpected fragment could be received. This could result in process termination due to a NULL pointer dereference (denial of service). This affects eap_server/eap_server_pwd.c and eap_peer/eap_pwd.c."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de EAP-pwd en hostapd (servidor EAP),versiones anteriores a 2.8, y wpa_supplicant (peer EAP), versiones anteriores a 2.8, no valida correctamente el estado de reensamblado de la fragmentaci\u00f3n para un caso en el que se pudiera recibir un fragmento no esperado. Esto podr\u00eda derivar en la terminaci\u00f3n del proceso debido a una derivaci\u00f3n de un puntero NULL (denegaci\u00f3n de servicio). Esto afecta a eap_server/eap_server_pwd.c y eap_peer/eap_pwd.c."
}
],
"id": "CVE-2019-11555",
"lastModified": "2024-11-21T04:21:20.397",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-26T22:29:00.357",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/26/1"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T7G763UECWR7FQXOJVL67PW7C5A3SA4/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJKZHAT5KPUN26JL77EUH563GAH5XZ5C/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQ6P2GI5GSXRNLNIUNPARFZQVDEIGVZD/"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cve@mitre.org",
"url": "https://seclists.org/bugtraq/2019/May/64"
},
{
"source": "cve@mitre.org",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201908-25"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3969-1/"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3969-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-5/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt"
},
{
"source": "cve@mitre.org",
"url": "https://www.debian.org/security/2019/dsa-4450"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/04/18/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/04/26/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T7G763UECWR7FQXOJVL67PW7C5A3SA4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DJKZHAT5KPUN26JL77EUH563GAH5XZ5C/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQ6P2GI5GSXRNLNIUNPARFZQVDEIGVZD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/64"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201908-25"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3969-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3969-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.debian.org/security/2019/dsa-4450"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/04/18/6"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| synology | radius_server | 3.0 | |
| synology | router_manager | 1.2 | |
| freebsd | freebsd | * | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "552340BD-4450-4767-BDB3-44FF526BD4ED",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9FD3E6-61E9-4F50-8077-DDC07F2CC46D",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "068DF041-070A-4483-98A7-3FA2E245344F",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "922FB3CB-715B-425D-A5DA-E6A50E6D174F",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6E6871-7BB3-43BB-9A31-0B44B46C8D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85F6D2BF-23EA-4D44-8126-64EA85184D38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89C04C1-3DAF-4490-9045-7E18323B04E4",
"versionEndIncluding": "11.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3ACD1D8D-B3BC-4E99-B846-90A4071DB87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "34134EDA-127A-48E2-B630-94DEF14666A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "699FE432-8DF0-49F1-A98B-0E19CE01E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "20B06752-39EE-4600-AC1F-69FB9C88E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "E86CD544-86C4-4D9D-9CE5-087027509EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "64E47AE7-BB45-428E-90E9-38BFDFF23650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "586B9FA3-65A2-41EB-A848-E4A75565F0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "1164B48E-2F28-43C5-9B7B-546EAE12E27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "F0B15B89-3AD2-4E03-9F47-DA934702187B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "826B53C2-517F-4FC6-92E8-E7FCB24F91B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "93F10A46-AEF2-4FDD-92D6-0CF07B70F986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E1AD57A9-F53A-4E40-966E-F2F50852C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C4029113-130F-4A33-A8A0-BC3E74000378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Las implementaciones del componente EAP-PWD en wpa_supplicant EAP Peer, cuando se construyen contra una biblioteca criptogr\u00e1fica que carece de comprobaci\u00f3n expl\u00edcita en elementos importados, no comprueban los valores escalares y de elementos en EAP-pwd-Commit. Un atacante puede completar la identificaci\u00f3n, la clave de sesi\u00f3n y el control de la conexi\u00f3n de datos con un cliente. Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE anterior e incluyendo la versi\u00f3n 2.4 son impactados. Tanto hostapd con soporte EAP-pwd como wpa_supplicant con soporte EAP-pwd anterior y con la versi\u00f3n 2.7 est\u00e1n impactados."
}
],
"id": "CVE-2019-9499",
"lastModified": "2024-11-21T04:51:44.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:04.057",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-10-16 00:55
Modified
2024-11-21 02:08
Severity ?
Summary
wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | 0.7.2 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | wpa_supplicant | 0.72 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| canonical | ubuntu_linux | 10.04 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| debian | debian_linux | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5CBC86-4F65-4A1E-8423-D599B8F89EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "050B5B2C-38A3-49AA-8487-8BE5C13D3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame."
},
{
"lang": "es",
"value": "wpa_supplicant y hostapd 0.7.2 hasta 2.2 cuando se ejecutan ciertas configuraciones y se utilizan los secuencias de comandos using_wpa_cli o hostapd_cli, permite a atacantes remotos ejecutar comandos arbitrarios a trav\u00e9s de un frame manipulado."
}
],
"id": "CVE-2014-3686",
"lastModified": "2024-11-21T02:08:38.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-16T00:55:05.577",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://advisories.mageia.org/MGASA-2014-0429.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1956.html"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60366"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/60428"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/61271"
},
{
"source": "secalert@redhat.com",
"url": "http://w1.fi/security/2014-1/"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2014/dsa-3052"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:120"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2014/10/09/28"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/70396"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2383-1"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0429.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-10/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1956.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61271"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://w1.fi/security/2014-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:120"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2014/10/09/28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2383-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1151259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-12 22:15
Modified
2024-11-21 04:44
Severity ?
Summary
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 802.11w sessions. By simulating an incomplete new association, an attacker can trigger a deauthentication against stations using 802.11w, resulting in a denial of service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio explotable en el manejo del estado de seguridad 802.11w para clientes conectados a hostapd versi\u00f3n 2.6 con sesiones v\u00e1lidas de 802.11w. Simulando una nueva asociaci\u00f3n incompleta, un atacante puede desencadenar una desautenticaci\u00f3n contra estaciones que usan 802.11w, resultando en una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2019-5062",
"lastModified": "2024-11-21T04:44:16.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-12T22:15:11.127",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-440"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-04-02 05:15
Modified
2024-11-21 06:03
Severity ?
Summary
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | 2.9 | |
| w1.fi | wpa_supplicant | 2.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EF4AE8EA-985A-471B-A423-591D604D6C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA940F9-A024-41FD-9B35-956788414E35",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c."
},
{
"lang": "es",
"value": "En wpa_supplicant y hostapd versi\u00f3n 2.9, los ataques de falsificaci\u00f3n pueden ocurrir porque los par\u00e1metros AlgorithmIdentifier son manejados inapropiadamente en los archivos tls/pkcs1.c y tls/x509v3.c."
}
],
"id": "CVE-2021-30004",
"lastModified": "2024-11-21T06:03:13.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-04-02T05:15:13.313",
"references": [
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| debian | debian_linux | 8.0 | |
| synology | radius_server | 3.0 | |
| synology | router_manager | 1.2 | |
| freebsd | freebsd | * | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "552340BD-4450-4767-BDB3-44FF526BD4ED",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9FD3E6-61E9-4F50-8077-DDC07F2CC46D",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "068DF041-070A-4483-98A7-3FA2E245344F",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "922FB3CB-715B-425D-A5DA-E6A50E6D174F",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6E6871-7BB3-43BB-9A31-0B44B46C8D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:router_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85F6D2BF-23EA-4D44-8126-64EA85184D38",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A89C04C1-3DAF-4490-9045-7E18323B04E4",
"versionEndIncluding": "11.1",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3ACD1D8D-B3BC-4E99-B846-90A4071DB87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p13:*:*:*:*:*:*",
"matchCriteriaId": "34134EDA-127A-48E2-B630-94DEF14666A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "699FE432-8DF0-49F1-A98B-0E19CE01E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "20B06752-39EE-4600-AC1F-69FB9C88E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "E86CD544-86C4-4D9D-9CE5-087027509EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "64E47AE7-BB45-428E-90E9-38BFDFF23650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "586B9FA3-65A2-41EB-A848-E4A75565F0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "1164B48E-2F28-43C5-9B7B-546EAE12E27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "F0B15B89-3AD2-4E03-9F47-DA934702187B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "826B53C2-517F-4FC6-92E8-E7FCB24F91B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "93F10A46-AEF2-4FDD-92D6-0CF07B70F986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E1AD57A9-F53A-4E40-966E-F2F50852C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C4029113-130F-4A33-A8A0-BC3E74000378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Las implementaciones del componente EAP-PWD en hostapd en EAP Server, cuando se construyen contra una biblioteca criptogr\u00e1fica sin comprobaci\u00f3n expl\u00edcita en elementos importados, no comprueban los valores escalares y de elementos en EAP-pwd-Commit. Un atacante puede usar valores escalares y de elementos no v\u00e1lidos para completar la autenticaci\u00f3n, conseguir clave de sesi\u00f3n y acceso a la red sin necesidad de conocer la contrase\u00f1a. Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE anterior e incluyendo la versi\u00f3n 2.4 son impactados. Tanto hostapd con soporte EAP-pwd como wpa_supplicant con soporte EAP-pwd anterior y con la versi\u00f3n 2.7 est\u00e1n afectados."
}
],
"id": "CVE-2019-9498",
"lastModified": "2024-11-21T04:51:44.190",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:04.010",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave temporal GTK (Group Temporal Key) durante la negociaci\u00f3n de la clave de grupo, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13080",
"lastModified": "2024-11-21T03:10:55.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.397",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id/1039703"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208219"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208220"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208221"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208222"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208325"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208327"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208334"
},
{
"source": "cret@cert.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1039703"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-02-28 15:15
Modified
2024-11-21 04:18
Severity ?
Summary
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53652040-A54B-4134-8A93-8C0446AAF6A2",
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743."
},
{
"lang": "es",
"value": "hostapd versiones anteriores a 2.6, en el modo EAP, hace llamadas hacia las funciones de biblioteca est\u00e1ndar rand() y random() sin ninguna llamada srand() o srandom() precedente, lo que resulta en un uso inapropiado de valores determin\u00edsticos. Esto fue corregido en conjunto con CVE-2016-10743."
}
],
"id": "CVE-2019-10064",
"lastModified": "2024-11-21T04:18:19.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-28T15:15:11.993",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-331"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5133129D-DA6B-485D-9FE7-33C994FBAF05",
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46294B0E-0043-487D-AD8F-931DC05F0E78",
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Una secuencia de autorizaci\u00f3n no v\u00e1lida puede conllevar a que el proceso de hostapd termine a causa de que faltan pasos de comprobaci\u00f3n de estado al procesar el mensaje de confirmaci\u00f3n SAE cuando est\u00e1 en el modo hostapd/AP. Todas las versiones de hostapd con soporte SAE son vulnerables. Un atacante puede forzar la terminaci\u00f3n del proceso de hostapd, realizando un ataque de Denegaci\u00f3n de Servicio (DoS). Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE e incluyendo la versi\u00f3n 2.7 est\u00e1n afectados."
}
],
"id": "CVE-2019-9496",
"lastModified": "2024-11-21T04:51:43.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.917",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"source": "cret@cert.org",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-642"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-17 02:15
Modified
2024-11-21 06:48
Severity ?
Summary
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3587622-0BD8-4DCB-811F-410671BBD37E",
"versionEndExcluding": "2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334B562B-B7A1-480C-ADF0-B92A14385AD1",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495."
},
{
"lang": "es",
"value": "Las implementaciones de EAP-pwd en hostapd versiones anteriores a 2.10 y wpa_supplicant versiones anteriores a 2.10, son vulnerables a ataques de canal lateral como resultado de los patrones de acceso a la cach\u00e9. NOTA: este problema se presenta debido a una correcci\u00f3n incompleta de CVE-2019-9495"
}
],
"id": "CVE-2022-23304",
"lastModified": "2024-11-21T06:48:22.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-17T02:15:06.813",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/security/2022-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/security/2022-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11w permite la reinstalaci\u00f3n de la clave temporal IGTK (Integrity Group Temporal Key) durante el handshake de clave de grupo, haciendo que un atacante en el rango de radio suplante frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13081",
"lastModified": "2024-11-21T03:10:55.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.443",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave STK (Transient Key) STSL (Station-To-Station-Link) durante la negociaci\u00f3n PeerKey, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca, descifre o suplante frames."
}
],
"id": "CVE-2017-13084",
"lastModified": "2024-11-21T03:10:56.107",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.520",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 02:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave temporal (TK) PTK (Pairwise Transient Key) durante la negociaci\u00f3n en cuatro pasos, haciendo que un atacante que se sit\u00fae entro del radio responda, descifre o suplante frames."
}
],
"id": "CVE-2017-13077",
"lastModified": "2024-11-21T03:10:54.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T02:29:00.207",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "cret@cert.org",
"url": "http://www.securitytracker.com/id/1041432"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208219"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208220"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208221"
},
{
"source": "cret@cert.org",
"url": "https://support.apple.com/HT208222"
},
{
"source": "cret@cert.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039585"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1041432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2018-04-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2018-06-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/HT208222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| synology | radius_server | 3.0 | |
| synology | router_manager | * | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5133129D-DA6B-485D-9FE7-33C994FBAF05",
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46294B0E-0043-487D-AD8F-931DC05F0E78",
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6E6871-7BB3-43BB-9A31-0B44B46C8D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "041AF55B-1899-4C8D-8236-215027609F79",
"versionEndExcluding": "1.2.3-8087",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3ACD1D8D-B3BC-4E99-B846-90A4071DB87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "699FE432-8DF0-49F1-A98B-0E19CE01E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "20B06752-39EE-4600-AC1F-69FB9C88E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "E86CD544-86C4-4D9D-9CE5-087027509EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "64E47AE7-BB45-428E-90E9-38BFDFF23650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "586B9FA3-65A2-41EB-A848-E4A75565F0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "1164B48E-2F28-43C5-9B7B-546EAE12E27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "F0B15B89-3AD2-4E03-9F47-DA934702187B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "878DF67E-420A-4229-BEA8-DB9F7161ED9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "826B53C2-517F-4FC6-92E8-E7FCB24F91B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "93F10A46-AEF2-4FDD-92D6-0CF07B70F986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E1AD57A9-F53A-4E40-966E-F2F50852C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C4029113-130F-4A33-A8A0-BC3E74000378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Las implementaciones SAE en hostapd y wpa_supplicant son vulnerables a los ataques de canal lateral (side channel) como resultado de diferencias de tiempo observables y patrones de acceso a la cach\u00e9. Un atacante puede conseguir informaci\u00f3n filtrada de un ataque de canal lateral (side channel) que pueda ser usado para la recuperaci\u00f3n completa de la contrase\u00f1a. Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE antes e incluyendo la versi\u00f3n 2.7 est\u00e1n afectados."
}
],
"id": "CVE-2019-9494",
"lastModified": "2024-11-21T04:51:43.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.840",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-208"
},
{
"lang": "en",
"value": "CWE-524"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-09-12 20:15
Modified
2024-11-21 04:30
Severity ?
Summary
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 10.0 | |
| canonical | ubuntu_linux | 12.04 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4856F28C-C7EC-459C-9357-35E635781A9A",
"versionEndIncluding": "2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "71C32B8A-16F6-473D-AF69-EDDEE78C5A3A",
"versionEndIncluding": "2.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range."
},
{
"lang": "es",
"value": "hostapd versiones anteriores a 2.10 y wpa_supplicant versiones anteriores a 2.10, permiten una indicaci\u00f3n incorrecta de desconexi\u00f3n en ciertas situaciones porque la comprobaci\u00f3n de la direcci\u00f3n de origen es manejada inapropiadamente. Esta es una denegaci\u00f3n de servicio que debi\u00f3 haber sido evitada mediante PMF (tambi\u00e9n se conoce como protecci\u00f3n de la trama de administraci\u00f3n). El atacante requiere enviar una trama 802.11 dise\u00f1ada desde una ubicaci\u00f3n que este dentro del rango de comunicaciones de 802.11."
}
],
"id": "CVE-2019-16275",
"lastModified": "2024-11-21T04:30:26.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-09-12T20:15:11.773",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HY6STGJIIROVNIU6VMB2WTN2Q5M65WF4/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBJXUKV6XMSELWNXPS37CSUIH5EUHFXQ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4136-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4136-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-7/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/11/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/09/12/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36G4XAZ644DMHBLKOL4FDSPZVIGNQY6U/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7NCLOPTZNRRNYODH22BFIDH6YIQWLJD/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FEGITWRTIWABW54ANEPCEF4ARZLXGSK5/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HY6STGJIIROVNIU6VMB2WTN2Q5M65WF4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PBJXUKV6XMSELWNXPS37CSUIH5EUHFXQ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4136-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4136-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-7/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2019/09/11/7"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-346"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-03-23 19:29
Modified
2024-11-21 02:44
Severity ?
Summary
hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53652040-A54B-4134-8A93-8C0446AAF6A2",
"versionEndExcluding": "2.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call."
},
{
"lang": "es",
"value": "hostapd, en versiones anteriores a la 2.6, no evita el uso de un PRNG de baja calidad que se alcanza mediante una llamada de funci\u00f3n os_random()."
}
],
"id": "CVE-2016-10743",
"lastModified": "2024-11-21T02:44:38.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-23T19:29:00.210",
"references": [
{
"source": "cve@mitre.org",
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/3944-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/156573/Hostapd-Insufficient-Entropy.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2020/Feb/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2020/02/27/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00035.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3944-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=98a516eae8260e6fd5c48ddecf8d006285da7389"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-332"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message."
},
{
"lang": "es",
"value": "La implementaci\u00f3n EAP-pwd server and peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no valida que un mensaje tiene la longitud suficiente para contener el campo Total-Length, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un mensaje manipulado."
}
],
"id": "CVE-2015-4144",
"lastModified": "2024-11-21T02:30:30.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:08.790",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-11-09 16:59
Modified
2024-11-21 02:37
Severity ?
Summary
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "068DF041-070A-4483-98A7-3FA2E245344F",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "552340BD-4450-4767-BDB3-44FF526BD4ED",
"versionEndIncluding": "2.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a large payload length field value in an (1) WPS or (2) P2P NFC NDEF record, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de entero en el analizador de registro NDEF en hostapd en versiones anteriores a 2.5 y wpa_supplicant en versiones anteriores a 2.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de proceso o bucle infinito) a trav\u00e9s de un valor de campo payload length grande en un registro (1) WPS o (2) P2P NFC NDEF, lo que desencadena una lectura fuera de rangos."
}
],
"id": "CVE-2015-8041",
"lastModified": "2024-11-21T02:37:54.323",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-11-09T16:59:10.560",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html"
},
{
"source": "cve@mitre.org",
"url": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/11/02/5"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75604"
},
{
"source": "cve@mitre.org",
"url": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog"
},
{
"source": "cve@mitre.org",
"url": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00041.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://w1.fi/security/2015-5/incomplete-wps-and-p2p-nfc-ndef-record-payload-length-validation.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/11/02/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://w1.fi/cgit/hostap/plain/hostapd/ChangeLog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message."
},
{
"lang": "es",
"value": "La implementaci\u00f3n EAP-pwd peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no limpia los indicadores L (Length) y M (More) antes de determinar si una respuesta debe ser fragmentada, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un mensaje manipulado."
}
],
"id": "CVE-2015-4146",
"lastModified": "2024-11-21T02:30:30.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:10.617",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"url": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11v permite la reinstalaci\u00f3n de la clave temporal GTK (Integrity Group Temporal Key) cuando se procesa un frame Wireless Network Management (WNM) Sleep Mode Response, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13088",
"lastModified": "2024-11-21T03:10:56.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.630",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "552340BD-4450-4767-BDB3-44FF526BD4ED",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9FD3E6-61E9-4F50-8077-DDC07F2CC46D",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "068DF041-070A-4483-98A7-3FA2E245344F",
"versionEndIncluding": "2.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "922FB3CB-715B-425D-A5DA-E6A50E6D174F",
"versionEndIncluding": "2.7",
"versionStartIncluding": "2.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Las implementaciones de EAP-PWD en hostapd en EAP Server y wpa_supplicant en EAP Peer, no comprueban los valores escalares y de elementos en EAP-pwd-Commit. Esta vulnerabilidad puede permitir que un atacante complete la identificaci\u00f3n EAP-PWD sin conocer la contrase\u00f1a. Sin embargo, a menos que la biblioteca criptogr\u00e1fica no implemente comprobaciones adicionales para el punto EC, el atacante no podr\u00e1 derivar la clave de sesi\u00f3n o completar el intercambio de claves. Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE anterior e incluyendo la versi\u00f3n 2.4 son impactados. Tanto hostapd con soporte EAP-pwd como wpa_supplicant con soporte EAP-pwd anterior y con la versi\u00f3n 2.7 est\u00e1n afectaos."
}
],
"id": "CVE-2019-9497",
"lastModified": "2024-11-21T04:51:44.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.963",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "cret@cert.org",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-301"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message."
},
{
"lang": "es",
"value": "La implementaci\u00f3n EAP-pwd server and peer en hostapd y wpa_supplicant 1.0 hasta 2.4 no valida si un fragmento ya est\u00e1 siendo procesado, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (fuga de memoria) a trav\u00e9s de un mensaje manipulado."
}
],
"id": "CVE-2015-4145",
"lastModified": "2024-11-21T02:30:30.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:09.727",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-4/eap-pwd-missing-payload-length-validation.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-04-17 14:29
Modified
2024-11-21 04:51
Severity ?
Summary
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| fedoraproject | fedora | 30 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | backports_sle | 15.0 | |
| opensuse | leap | 15.1 | |
| synology | radius_server | 3.0 | |
| synology | router_manager | * | |
| debian | debian_linux | 8.0 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 11.2 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 | |
| freebsd | freebsd | 12.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5133129D-DA6B-485D-9FE7-33C994FBAF05",
"versionEndIncluding": "2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46294B0E-0043-487D-AD8F-931DC05F0E78",
"versionEndIncluding": "2.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C6E6871-7BB3-43BB-9A31-0B44B46C8D97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BF272B20-75B8-4D3D-A09A-610A3F748A45",
"versionEndExcluding": "1.2.3-8017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3ACD1D8D-B3BC-4E99-B846-90A4071DB87B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "699FE432-8DF0-49F1-A98B-0E19CE01E5CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*",
"matchCriteriaId": "20B06752-39EE-4600-AC1F-69FB9C88E2A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*",
"matchCriteriaId": "22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*",
"matchCriteriaId": "E86CD544-86C4-4D9D-9CE5-087027509EDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*",
"matchCriteriaId": "64E47AE7-BB45-428E-90E9-38BFDFF23650",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*",
"matchCriteriaId": "586B9FA3-65A2-41EB-A848-E4A75565F0CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*",
"matchCriteriaId": "1164B48E-2F28-43C5-9B7B-546EAE12E27D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*",
"matchCriteriaId": "F0B15B89-3AD2-4E03-9F47-DA934702187B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "878DF67E-420A-4229-BEA8-DB9F7161ED9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "826B53C2-517F-4FC6-92E8-E7FCB24F91B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "93F10A46-AEF2-4FDD-92D6-0CF07B70F986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E1AD57A9-F53A-4E40-966E-F2F50852C5E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "C4029113-130F-4A33-A8A0-BC3E74000378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
},
{
"lang": "es",
"value": "Las implementaciones de EAP-PWD en hostapd y wpa_supplicant son vulnerables a los ataques de canal lateral (side-channel) como resultado de los patrones de acceso a la cach\u00e9. Todas las versiones de hostapd y wpa_supplicant con soporte de EAP-PWD son vulnerables. La capacidad de instalar y ejecutar aplicaciones es necesaria para un ataque con exito. Los patrones de acceso a memoria son visibles en cach\u00e9 compartido. Las contrase\u00f1as d\u00e9biles pueden ser crackeadas. Las versiones de hostapd/wpa_supplicant versi\u00f3n 2.7 y posteriores, no son vulnerables al ataque de tiempo descrito en CVE-2019-9494. Tanto hostapd con soporte EAP-pwd como wpa_supplicant con soporte EAP-pwd anterior y con la versi\u00f3n 2.7 est\u00e1n afectados."
}
],
"id": "CVE-2019-9495",
"lastModified": "2024-11-21T04:51:43.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-04-17T14:29:03.887",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "cret@cert.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "cret@cert.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "cret@cert.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-524"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-06-08 17:15
Modified
2024-11-21 05:00
Severity ?
Summary
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EAF0BA-0F00-4EC3-8AD1-38798E302EDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96FB9DD1-0AD3-422E-BE39-36D16B259BB3",
"versionEndExcluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E4A59C5-BD20-4EF8-BB18-E3EC2AFAB02F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5324C118-FC2A-4701-A2D4-B149B6F8D82B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "27493F05-2B86-41C9-90F3-29ED4621989F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3B7126-28E1-42F8-98CF-0EC156BE68D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CAB01CB7-C5BB-49D6-85A7-CECED514C7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9917176-E908-4110-A641-FED1DFF41C43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE29D9CF-0D42-4C02-8300-364DD9D87553",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42ADBAEC-12BB-40FB-B013-9E66B7849FE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A29F002-A941-44B1-9CD3-CC239DCBC1EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA722A34-5071-41A6-8C94-10719DCB0A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E5772EE0-AAFE-4E11-BE24-05839353E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCFF0E3-1CA8-4676-9152-0F9B7E0DAF41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B1EBF0A-5E1B-4B26-97C3-08EFFECD4941",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48BD48DC-F9D7-4377-9E08-93AB0416570D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDD52F9F-7715-424A-B0CD-923507C3AB31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE9A1753-C59A-447F-9396-F3B4284112DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC93844-D227-42B7-AE09-A439756773BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A52BAA-FCAB-4D01-B533-CDC2230F41B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DFAEE5-8B2C-4940-AC00-2961BC373755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FACBCEE3-5F3E-42B8-B6D4-3E945BC8BFD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8F786A-C18B-4320-8B3D-2572D84BEFE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F20CDA-18E9-4AC7-BC83-0C94A184B398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30063847-3DAD-4485-9B38-4C0E8F928E40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*",
"matchCriteriaId": "996C8FE4-5926-4D97-A28F-E371F3AFA876",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DAAA79D-A2A0-408F-B2E0-D88C315D73DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "866A5154-8E94-41C5-8F4F-F4B322986DE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45362946-1559-42A8-A575-C136A6732B5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28A17A5E-07EC-4166-BEC1-252A40A85A64",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "606660FF-DBFD-4F88-AF36-125BA4B57D8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A109EFF-698F-438E-A9CA-7FDB2BB1E19D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBFA37F9-41D0-496B-B90F-1BD08A0615F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C4F2B72-03BE-49CF-85C6-405CCB0F711C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8970163-15C4-4C35-9976-E03364E6801D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9DA94DA-C428-4143-B8EB-43B8022D98A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FB3E78-3AF8-4FE2-A6EC-5F8FE87078A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB98F236-726C-43B4-B391-90052354AFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE0015AA-6FC5-4AA2-8529-A09BFF2F867F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA69799-EA06-407A-92E0-7FFD2C7A9A5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F3A6EAD-B58C-4C45-A63E-D4F6E47EDD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA924C6-7BEB-4B2A-92E0-EA3BAFA469DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3866E12-99A8-4375-B941-B5967196A392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4539F8EF-9925-47A7-A3B8-C365B64A476B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA59F9C1-069E-450F-AEEF-8D4D9395B544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAFD9ED4-1DB1-4150-84EC-DD6377B626E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE84F86-9EDA-47BB-8C83-A3E7505BA776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6903ED00-1EBC-476A-ADED-650D00113193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC732835-E3DC-46A2-AF68-0E4F48A44D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4839445-6775-4DC6-A0F1-D8073EC083BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99320BB7-7F19-4DF6-B9F6-D854660CFA70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D258693F-EAA4-42AA-BDE2-F9F964870DE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B50A1E9-B246-44A2-A002-221EAA3A3B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D1CD0D8-F551-492B-AA36-9E1FCBA66AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FD8A8A3-B906-47D9-9BDE-68A73432F680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D9E6BE-F3C4-4A2C-8744-976D5F79A408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D77C54A-B051-4442-A590-C182E9594B81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4731E44-0726-4BA4-9E0D-9DAA7FF4690C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84988928-8254-4C49-BB9A-DCF415594E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8604981-347C-432F-9C69-DD6ED4FB90A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57DD4D8C-DF38-46CC-9C75-5FDC1C5828B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC111A4D-9EB2-48F8-95C3-279F5F01EFB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F97B02EA-A8CD-477E-A370-3D801EF04472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9FF5706-AC17-4CB1-BB94-776149CB04ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A35DD32C-853A-42EC-821F-9F6C0E10478F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39035D44-8C6B-466B-8CDC-4693B1F0F1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDD3E6A5-4BE8-4DEE-8F6A-E687E0E031AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00206EC6-40E9-44D7-91C2-DED3213BB1E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D667474F-9358-40CF-8B0F-5F31A243412E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D53C5110-F0E4-4E51-97F2-C767BCBD21C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD44558B-C4F7-49FD-AC6C-CE664B707B6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABCA098-9BB5-4BB2-9BC2-A2F52276A7A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D70E7510-BEDA-45D1-A911-CBB6E0B5E53D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5342517-0F54-4C43-9058-67E292B5BF3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF5106EA-B2DC-4674-BA84-BBD9F3B976DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "481E0DF3-C2D3-48C4-9721-7850345F36FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46E44762-F2B9-4247-874E-8A6AED396653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2174440D-AC3E-4D24-A561-399643CCD944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B056A3A9-693E-4BA8-BB42-932569FC41F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03318A78-FFFF-4431-BE9F-1171613A1014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "021CD712-FB1B-4D30-BA64-93FD78578B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9633C6CB-0BA7-48B8-B4CA-96FF8E4D80D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87BDB946-A599-4333-8DFE-B0F4E28DA9FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47285B08-4086-495E-96B6-E56EC8E8525C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD864766-1ADF-40CA-AC4E-D8068C19362B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F85564A-E70B-4A79-8B71-08947DA20186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D75511-E215-494D-887F-D81B837B90B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FB6AD7A-D932-4C02-B2E2-D4C343796A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "371A5792-1442-4BE5-B639-DEBF35FF60D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7447513E-A664-49F8-BCDB-041C21E4986A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA7CDF6-4F2F-4227-AFCF-A7B77CFDBBA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2B45C67-E822-4932-AC44-A41B40C51089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F24EC840-1FE5-4BE2-95CD-79CA0AD521BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83089810-0E60-4D5C-8B40-28D54E5C8121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FC960C1-BF3D-41F4-AC85-5BEF4E96F5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05D6ABC6-926F-4561-8196-7B0B5F39F3DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0525848-038E-447E-8A69-BDA1227947AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42FBB9B2-69DB-495D-87D4-F313047660FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7477AAA3-FD6F-4A4F-B3C8-DCF55695991E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D024C1BF-9F18-4D5E-988D-EC1083BA0D01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EACF115-7053-4EB6-A3F0-47D9D5D2BC8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E5BB174-2D00-4B03-9DCF-32F8A93D3EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "998C35EB-4B53-4CB7-A0A0-5FFFEF5BD155",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86B34CE8-A2A4-4F36-8898-138E4B0A542A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB71C71-5E10-43AB-83EA-AF5BD863163D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8A5F418-5FF5-4DB1-92DC-8C3588A10906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38F9056F-C3FD-4FC6-BCCD-0501BCEDB3C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3CC1275-CE6D-4C40-9F5A-F799DE82CC31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D5058889-2BCA-4EB3-8F0A-07FF682B50F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1766FB5C-A6A1-4E61-9D34-4656A862C6F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB77C0E-1B04-4FC6-B5B0-D7FB21A29007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F138EE5A-CCF6-4B08-8D77-1293FC6C7C58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A3879D0-F71A-45B1-8D9F-ABA4CCA07A81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28CF45C7-F897-4BB8-8B6D-6AEEF7B384A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16C33C80-F0F4-483F-AC8C-FBA8DD82D05D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4959F00-BCCF-4C51-B476-019733E14DEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF045C3-ED70-4913-AF9F-AF2D65DADDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*",
"matchCriteriaId": "036366B3-1FFC-4BA0-B769-EA055BC56C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561002B2-A1BA-42C0-B81D-F3E9133FFFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FD7A448-9E0A-4F9D-83EA-3283AB99966A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7969AB56-208E-432E-A8D5-DE7839492604",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16666F94-9ED1-4616-9713-DE75F32D1421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD41ACC2-13C6-4569-80EB-13C490A3BECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "99304D37-E10C-4123-AEB8-EF9A601D7F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A6FE7-D032-4A1F-897A-D35611B3D2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E182D8-8E50-44CB-ACE7-FD93672EDD70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AC42C09-AC84-4D62-8C39-7482103AC14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B03E55D-88D8-4A51-8A08-2477E7FAF1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE91E209-C794-4D54-8313-ABB3755FD69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3944F997-DBA4-4BCB-8DB1-25C0515A4977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DDF09AE-17F0-4423-92CC-70B0914A623B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E98A4D36-AB5F-47A3-8E7D-BB514EDA47AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF0C02A-38C8-447E-80CF-6E020C6CB2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BE40C41-8AB9-4286-B201-1B1FD6430149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAA576D-B448-4ABC-B86C-BD0DDC682A95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC07377-3C14-4E19-8695-9E6EE69D64EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "442B60FE-E431-4AEB-86D4-557D5633BD7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3BD841-57D0-42C7-85D6-5365A7AC60F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2A8D7F-5A2F-47D7-B60E-1AD99F34F8D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEA384D-67F2-4261-BED4-94B9058D91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5397B5FD-921F-476A-B5F4-F1F9A94518CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E48B3B4C-8CF0-41BB-AFD4-7D8169BCBC2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B01EB68D-D445-431C-8B7C-ED249A364A3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A36C6EBA-1B08-4F7E-BE72-2D502A37EC4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4586D249-A8FF-4EAC-8B51-89FE59AC2960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAAF6995-205A-46FB-B904-E8102727E414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18824CB2-0239-4884-9C73-B1B520348C3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D1D9413-55BE-4A4C-AC5C-ED820E0243B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E51D01-D179-4956-9F6B-16A4E6F7F9F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "794EF52A-832E-4951-AE3C-8C6149E42909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06D75EBF-1E37-486A-BC50-B991E0EA51A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A1275DB-E4CB-446D-9AC4-9A02E2F4E98F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8892CDDD-B5D4-4D10-AA40-CC29846B3F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86BDA5FF-5022-44BE-92C6-5A71AAB06BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E427C91-DF55-4D55-A650-FF35B804B6CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "623C646C-DCE6-4E2C-98CB-BAA54F41485E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B8F20D-5433-4F88-89BA-C4CD6A7EFB0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA5F18F4-1BE4-4518-B2D1-89FD55A0E61C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CA908F-40A8-40BA-AF4C-467D9FB4B720",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2B05D5-56EE-4778-A30E-2A8705760511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A798BB4B-7F4C-4C5E-B3CC-B3BD3668F1BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB97E07-FDAF-46D2-B3F1-7F01D1B093C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B89AC8D-AACC-415C-AB42-6D7712B820EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0875F92-3E39-4958-9240-B7E2FE8601B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8BB196-69AD-4172-A5D9-229E77A9C81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3FB392C-FC90-45B3-B0C4-FB8762986417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEAB5445-7A0D-48A5-B03C-65D7B809BCC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65D3BE1C-4A96-4153-90AC-893A47B47DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC025AAE-E85B-45E8-BA94-290097CB4B7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB506DAD-0266-49B6-93A1-1F3BCD7FEA04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE74089E-9AAA-44BC-9A61-7A4E09789C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8543B3C3-0483-480A-9281-458E81A66DA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019F45ED-891F-4C7E-9236-89F5A3F86653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "686C6BF0-D822-4CC2-9F9D-F85AA4BBDCAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F699145A-206A-40EA-8820-46DE934E0788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D3855AF-A674-4EC1-A0E7-2A6B99A94C48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "500F66C5-3054-4126-8926-94DC1432D116",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DBEA162-162B-47C1-AE5E-2B8AB7E8E020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA1531A-B518-4408-9254-87743147F4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA85B6EF-330A-4C99-B355-3563623920A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFA22DA-5C42-4D55-B5D8-CB138B27544F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D7FD2C-5799-4A72-AA5B-B1A2BADFB664",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C21D2DF-C98C-44BE-8F55-5D345266B69F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8966D89-B778-4B46-B28A-1621FA910B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2521E9E-D61F-46E4-A5DA-35AC996137C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF22F28C-AE05-46C0-A9B8-0D1272147CC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13463F33-0D5F-4BD7-86BD-85EB0C3ED6ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF59A86-2BF5-44E7-A2E7-3958064D42DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90714920-70C8-402F-A5D0-795B69887B71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF275372-458E-456A-94DB-0BAB5F9F15A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D183ADD-0776-4E84-8BB2-DFF427F3F666",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B26E254E-F461-42CA-BB26-5B18E2266475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E225A758-DBDA-40F8-98A8-DD891E173B84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE13E814-C18C-474A-BC09-F5E01EF84831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "932FB119-04F3-459E-A414-3F7A240254F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "412A9802-E85D-4547-84B3-44E3F8DC2C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E65AC31-6D84-4B54-BF48-98D173185B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3020F448-42AE-4ADB-B362-CD978FCA47EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5BFA2B-0B40-48D0-AE96-E18FF069524B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78A59121-66F1-4C09-B142-B4C2F898FB3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28459A79-756A-4E36-AC7A-BAFF63E2CC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1F8CB88F-4333-4089-83C3-C45FEC7763E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52B8526B-CF07-4291-9403-432CCFD5F54A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5E91F3-FD77-47E6-BBAF-E39AB288C106",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA3591F4-15BB-4DF4-A78A-95618BF8E47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "630E70ED-A042-44AC-98D2-0D7A2D088DFF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A92BA666-CFD5-42D6-AA64-818CC2513642",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48AE6436-788C-46E2-9F52-9999853919E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26C70C35-BDEA-4F58-A96B-3E24431D0F00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86368A-7589-45FC-B9F9-E3D7175F7A96",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E878B7D8-06D3-4B94-A3C4-9065B0240790",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38C0ECB8-909F-47C9-81E5-24384D555A11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53C32749-82A6-42AA-9EBE-11014F161D2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*",
"matchCriteriaId": "703AFCFF-7B05-43E5-9600-09431D1AD04B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue."
},
{
"lang": "es",
"value": "La especificaci\u00f3n UPnP de Open Connectivity Foundation antes del 17-04-2020 no proh\u00edbe la aceptaci\u00f3n de una petici\u00f3n de suscripci\u00f3n con una URL de entrega en un segmento de red diferente a la URL de suscripci\u00f3n de evento totalmente calificada, tambi\u00e9n se conoce como el problema de CallStranger"
}
],
"id": "CVE-2020-12695",
"lastModified": "2024-11-21T05:00:05.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 7.8,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-08T17:15:09.973",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/corelight/callstranger-detector"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/yunuscadirci/CallStranger"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://www.callstranger.com"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4898"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/06/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/corelight/callstranger-detector"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/yunuscadirci/CallStranger"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4494-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://www.callstranger.com"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2020/dsa-4806"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-4898"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/339275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-10 18:55
Modified
2024-11-21 01:42
Severity ?
Summary
Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small "TLS Message Length" value in an EAP-TLS message with the "More Fragments" flag set.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "816B50F2-87B8-4A74-80CA-6DE23A61AA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4EC748-0E3D-4A70-9B30-0B0048637222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA68E996-A9DA-4D58-AA05-B4F9CFD8FF78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "625BF95C-F216-4853-B62F-4A220427E1B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8EE7C5C4-AF37-4DE1-B240-5B35BB547505",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C8C75878-75FC-4792-BF93-6E6758BCFC94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1BC3E9-5AA2-466E-AAE0-4FB5EDF85860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6475E94F-F457-4053-8B1B-F44D42742271",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A01092A1-8D52-4474-BC85-663BCA683208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B79614B8-BEEC-4772-944B-F631D85A278D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5CBC86-4F65-4A1E-8423-D599B8F89EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the eap_server_tls_process_fragment function in eap_server_tls_common.c in the EAP authentication server in hostapd 0.6 through 1.0 allows remote attackers to cause a denial of service (crash or abort) via a small \"TLS Message Length\" value in an EAP-TLS message with the \"More Fragments\" flag set."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en la funci\u00f3n eap_server_tls_process_fragment de eap_server_tls_common.c en el servidor de autenticaci\u00f3n EAP en hostapd v0.6 hasta v1.0 permite a atacantes remotos provocar un denegaci\u00f3n de servicio (ca\u00edda o cancelaci\u00f3n) mediante un valor \"TLS Message Length\" peque\u00f1o, en un mensaje EAP-TLS con el valor \"More Fragments\" activo."
}
],
"id": "CVE-2012-4445",
"lastModified": "2024-11-21T01:42:54.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-10-10T18:55:04.377",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/86051"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50805"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50888"
},
{
"source": "secalert@redhat.com",
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2557"
},
{
"source": "secalert@redhat.com",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55826"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027808"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86051"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11r permite la reinstalaci\u00f3n de la clave temporal PTK (Pairwise Transient Key) durante la negociaci\u00f3n de la transmisi\u00f3n r\u00e1pida (FT) BSS, haciendo que un atacante en el rango de radio reproduzca, descifre o suplante frames."
}
],
"id": "CVE-2017-13082",
"lastModified": "2024-11-21T03:10:55.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.473",
"references": [
{
"source": "cret@cert.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "cret@cert.org",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039570"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039571"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"source": "cret@cert.org",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
},
{
"source": "cret@cert.org",
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-323"
}
],
"source": "cret@cert.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | wpa_supplicant | 0.7.0 | |
| w1.fi | wpa_supplicant | 0.7.1 | |
| w1.fi | wpa_supplicant | 0.7.2 | |
| w1.fi | wpa_supplicant | 0.7.3 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| w1.fi | hostapd | 0.7.0 | |
| w1.fi | hostapd | 0.7.1 | |
| w1.fi | hostapd | 0.7.2 | |
| w1.fi | hostapd | 0.7.3 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66B567FD-E20D-4043-B6DD-E14EA7B487C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6D0E07-3A95-47D3-AACA-FAA0F4A0C6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF6ADDB-57C6-435D-8D64-D11BC5F3D71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A01092A1-8D52-4474-BC85-663BCA683208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B79614B8-BEEC-4772-944B-F631D85A278D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5CBC86-4F65-4A1E-8423-D599B8F89EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow."
},
{
"lang": "es",
"value": "La funci\u00f3n WPS UPnP en hostapd, cuando utiliza WPS AP, y wpa_supplicant, cuando utiliza el registro externo WPS (ER), 0.7.0 hasta 2.4 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una longitud de chunk negativa, lo que provoca una lectura fuera de rango o un desbordamiento de buffer basado en memoria din\u00e1mica."
}
],
"id": "CVE-2015-4141",
"lastModified": "2024-11-21T02:30:30.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:05.367",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-2/wps-upnp-http-chunked-transfer-encoding.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-15 15:59
Modified
2024-11-21 02:30
Severity ?
Summary
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | wpa_supplicant | 0.7.0 | |
| w1.fi | wpa_supplicant | 0.7.1 | |
| w1.fi | wpa_supplicant | 0.7.2 | |
| w1.fi | wpa_supplicant | 0.7.3 | |
| w1.fi | wpa_supplicant | 1.0 | |
| w1.fi | wpa_supplicant | 1.1 | |
| w1.fi | wpa_supplicant | 2.0 | |
| w1.fi | wpa_supplicant | 2.1 | |
| w1.fi | wpa_supplicant | 2.2 | |
| w1.fi | wpa_supplicant | 2.3 | |
| w1.fi | wpa_supplicant | 2.4 | |
| redhat | enterprise_linux_desktop | 6.0 | |
| redhat | enterprise_linux_hpc_node | 6.0 | |
| redhat | enterprise_linux_server | 6.0 | |
| redhat | enterprise_linux_workstation | 6.0 | |
| w1.fi | hostapd | 0.7.0 | |
| w1.fi | hostapd | 0.7.1 | |
| w1.fi | hostapd | 0.7.2 | |
| w1.fi | hostapd | 0.7.3 | |
| w1.fi | hostapd | 1.0 | |
| w1.fi | hostapd | 1.1 | |
| w1.fi | hostapd | 2.0 | |
| w1.fi | hostapd | 2.1 | |
| w1.fi | hostapd | 2.2 | |
| w1.fi | hostapd | 2.3 | |
| w1.fi | hostapd | 2.4 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "66B567FD-E20D-4043-B6DD-E14EA7B487C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC6D0E07-3A95-47D3-AACA-FAA0F4A0C6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACF6ADDB-57C6-435D-8D64-D11BC5F3D71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C2FAC325-6EEB-466D-9EBA-8ED4DBC9CFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A01092A1-8D52-4474-BC85-663BCA683208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B79614B8-BEEC-4772-944B-F631D85A278D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5C5CBC86-4F65-4A1E-8423-D599B8F89EE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read."
},
{
"lang": "es",
"value": "Subdesbordamiento de enteros en el analizador sint\u00e1ctico Frame de WMM Action en hostapd 0.5.5 hasta 2.4 y wpa_supplicant 0.7.0 hasta 2.4, cuando utilizado para la funcionalidad MLME/SME del modo AP, permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de un Frame manipulado, lo que provoca una lectura fuera de rango."
}
],
"id": "CVE-2015-4142",
"lastModified": "2024-11-21T02:30:30.233",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-15T15:59:06.850",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1090.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1439.html"
},
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2022/May/34"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/5"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032625"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "cve@mitre.org",
"url": "https://support.apple.com/kb/HT213258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/171401.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172608.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172655.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2015-06/msg00019.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1090.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1439.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2022/May/34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://w1.fi/security/2015-3/integer-underflow-in-ap-mode-wmm-action-frame.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/09/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/05/31/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032625"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2650-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201606-17"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.apple.com/kb/HT213258"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-15 17:15
Modified
2024-11-21 04:24
Severity ?
Summary
The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| fedoraproject | fedora | 30 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.04 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91A971D2-3B20-4798-B7F1-F98E39FA3686",
"versionEndIncluding": "2.8",
"versionStartIncluding": "2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery."
},
{
"lang": "es",
"value": "Las implementaciones de SAE y EAP-pwd en hostapd y wpa_supplicant versiones 2.x hasta la 2.8, son vulnerables a ataques de canal lateral como un resultado de diferencias de tiempo observables y patrones de acceso de cach\u00e9 cuando son usadas curvas Brainpool. Un atacante puede ser capaz de conseguir informaci\u00f3n filtrada de un ataque de canal lateral que puede usarse para la recuperaci\u00f3n completa de la contrase\u00f1a."
}
],
"id": "CVE-2019-13377",
"lastModified": "2024-11-21T04:24:49.237",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-15T17:15:13.410",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4098-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IELLEPIXWQOJFW4SZMU3WQHO63JFAHA4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/Sep/56"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4098-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=147bf7b88a9c231322b5b574263071ca6dbb0503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://w1.fi/cgit/hostap/commit/?id=cd803299ca485eb857e37c88f973fccfbb8600e5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4538"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-12-12 22:15
Modified
2024-11-21 04:44
Severity ?
Summary
An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| talos-cna@cisco.com | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates for stations, before the required authentication process has completed. This could lead to different denial of service scenarios, either by causing CAM table attacks, or by leading to traffic flapping if faking already existing clients in other nearby Aps of the same wireless infrastructure. An attacker can forge Authentication and Association Request packets to trigger this vulnerability."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio explotable en el hostapd versi\u00f3n 2.6, donde un atacante podr\u00eda activar AP para enviar actualizaciones de ubicaci\u00f3n IAPP para las estaciones, antes de que el proceso de autenticaci\u00f3n requerido se complete . Esto podr\u00eda conllevar a diferentes escenarios de denegaci\u00f3n de servicio, ya sea causando ataques a la tabla CAM o conllevando un aleteo de tr\u00e1fico si falsifica clientes existentes en otros Aps cercanos de la misma infraestructura inal\u00e1mbrica. Un atacante puede falsificar paquetes de petici\u00f3n de Autenticaci\u00f3n y Asociaci\u00f3n para activar esta vulnerabilidad."
}
],
"id": "CVE-2019-5061",
"lastModified": "2024-11-21T04:44:16.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "talos-cna@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-12T22:15:11.047",
"references": [
{
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-440"
}
],
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-17 02:15
Modified
2024-11-21 06:48
Severity ?
Summary
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| w1.fi | hostapd | * | |
| w1.fi | wpa_supplicant | * | |
| fedoraproject | fedora | 35 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3587622-0BD8-4DCB-811F-410671BBD37E",
"versionEndExcluding": "2.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*",
"matchCriteriaId": "334B562B-B7A1-480C-ADF0-B92A14385AD1",
"versionEndExcluding": "2.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494."
},
{
"lang": "es",
"value": "Las implementaciones de SAE en hostapd versiones anteriores a 2.10 y wpa_supplicant versiones anteriores a 2.10, son vulnerables a ataques de canal lateral como resultado de los patrones de acceso a la cach\u00e9. NOTA: este problema se presenta debido a una correcci\u00f3n incompleta de CVE-2019-9494"
}
],
"id": "CVE-2022-23303",
"lastModified": "2024-11-21T06:48:22.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-17T02:15:06.760",
"references": [
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/security/2022-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/202309-16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
],
"url": "https://w1.fi/security/2022-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-17 13:29
Modified
2024-11-21 03:10
Severity ?
Summary
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*",
"matchCriteriaId": "588D4F37-0A56-47A4-B710-4D5F3D214FB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EC02F3-3905-460D-8949-3B26394215CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*",
"matchCriteriaId": "4195DB45-CF5A-4FA6-BF58-BAF77EE555C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BD5B9266-A927-4F62-8742-721CE9A4C4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*",
"matchCriteriaId": "602D3280-2974-4809-BE70-1EA9437AEBF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5753931-556B-4EEC-B510-751BA3613CE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*",
"matchCriteriaId": "2095C863-1FB0-4016-81FF-3CAB44E77FD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7AAFCB-AB64-4B39-87AA-936E386A82C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F6454F0F-6CC1-4EA2-8D7C-51709FD7F318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CFCB5512-B60E-48D7-B136-ADF19E5E74BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9EB1420D-5D05-4BFC-8AF7-2AB00B76148B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "21324D89-B634-4D6B-987B-4AD29079373D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB43314-8725-48A0-8902-864567808AD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AA3D0E-C483-4575-8209-DE643A3FEC7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1212B910-E4A5-47A1-A263-4E1C13CF3EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "A9A6A99E-5129-4E8D-A0AF-61755BDA3565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BC42F782-63CB-4960-BF65-4856776CFBE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "212B0353-4AEF-4861-A054-6193CAA05390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E702507-5BA0-4A12-80C6-A729F32A6A80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24810936-DABC-485D-B952-22F16C3016FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF46881-4484-4ABB-AC0C-152664E2CD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "880CBDD7-BFEC-48F6-8C4C-D300143B6571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B29CCA41-5784-48C3-B9ED-6B1FF063FB1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "37B9643D-4046-4034-8B68-18F59154CD66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "681C458F-D1BD-48DA-86C7-BA714F5AA9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4057F722-1A8E-4D75-B049-E3632AC8EF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F53FDB-7136-444E-AB03-9D8A6A31E249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "63AB46C0-2F00-4805-84A9-323BA4E594DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "768D16AF-3A8B-47DD-A499-948A73062AE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BECC3EF-2777-4FF9-9750-93D1245A9247",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2D07095-6331-4079-BD86-E414CEE35624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61CDB3D2-F6C3-43CF-ACE8-95E96DF02293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B4681FC-44F4-4E86-8431-8EDAD65492D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EC6FB535-AFFF-4083-AF1D-9E1ED504158F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A74105F9-E729-47BA-A96F-4D15947B673A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1F5F7411-0B32-4041-8235-2B1AEC186FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9191D783-4390-4603-9C4D-F673270E63C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E36F3308-EABA-451F-90E1-65919450A809",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "44F6680B-7015-4EB0-AABC-A4DD50894CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5CAFF5E3-EA27-4688-87AD-1648003D3D1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5E00A5B5-81D8-4BF3-B857-028D7D06CA5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "476C3ED0-B77C-490F-AF1E-BC4C7D52D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1972B5-F896-419C-9FFA-FB583B114B8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C2E84533-EB76-4A8F-90ED-E9342EAF3427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "E5AE0623-87CB-4CEF-BD3B-6BCF676031CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "905B55A4-2488-44D1-991F-C142C3527F18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90102D17-8D03-4F59-811B-FBFB98D627C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9381F69-1633-44DD-967F-D29587B67079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "9169BDAC-6207-4B6A-8EF3-D52DED1A9311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62E17E03-53C6-4E74-91A8-4C4363666291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C6FEDE-B0E9-479A-9185-48D62DBC91FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "643762E2-969E-4531-B79E-961697E5DA8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "627AD871-2091-48E9-B801-3E3D5CF8E594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "4BC691E5-6265-4FAB-9ACA-C65EB99AFA47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4701BF31-B3FC-4590-9787-3BA94ECB8D54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB96005-E214-4C60-865E-B693115527D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF264-2315-43CE-B2A6-4234B394854C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EF53AD-F985-446E-89B8-4BFECE00AD63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A11DBFA-9F0E-4358-8541-E5371C11FE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "738AEB08-FF7D-4DC3-AB14-B8F2B9474810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8C5523-16E4-417E-A159-F5D0F9E83C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB93C2FC-6913-448E-8B93-EEB2229EC86C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0ECA3172-7088-4B5E-923D-37B155729BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "48FD6B1B-7555-449D-9CCB-1487FAEE8098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9726F4DE-8037-49AD-A092-7EF9D5BF99EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*",
"matchCriteriaId": "57CFAD92-EECD-417D-ADDB-8178C320B204",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*",
"matchCriteriaId": "C1DCD75C-9775-4922-8A44-C4707C640946",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "086BF5C5-255C-4E2E-83D3-A8B83AED6B60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*",
"matchCriteriaId": "91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*",
"matchCriteriaId": "55C5561F-BE86-4EEA-99D4-8697F8BD9DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*",
"matchCriteriaId": "B2F3699A-38E4-4E9D-9414-411F71D9E371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*",
"matchCriteriaId": "07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
},
{
"lang": "es",
"value": "Wi-Fi Protected Access (WPA y WPA2) que soporte IEEE 802.11r permite la reinstalaci\u00f3n de la clave GTK (Group Temporal Key) cuando se procesa un frame Wireless Network Management (WNM) Sleep Mode Response, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca frames desde los puntos de acceso hasta los clientes."
}
],
"id": "CVE-2017-13087",
"lastModified": "2024-11-21T03:10:56.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-17T13:29:00.600",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "cret@cert.org",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "cret@cert.org",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "cret@cert.org",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "cret@cert.org",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "cret@cert.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.krackattacks.com/"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-21 15:55
Modified
2024-11-21 01:39
Severity ?
Summary
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06119A43-B1CA-4021-87D2-C67BE6125423",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials."
},
{
"lang": "es",
"value": "hostapd v0.7.3 y posiblemente otras versiones antes de la v1.0, utilizan permisos 0644 en /etc/hostapd/hostapd.conf, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible, como por ejemplo las credenciales."
}
],
"id": "CVE-2012-2389",
"lastModified": "2024-11-21T01:39:00.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-21T15:55:12.567",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/13"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/3"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/5"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=740964"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081983.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/05/23/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=740964"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824660"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}