CVE-2019-9494

🗓️ 17 Apr 2019 13:31:08Reported by certccType

SAE implementation in hostapd/wpa_supplicant vulnerable to side channel attacks

Reporter	Title	Published	Views	Family All 102
FreeBSD	FreeBSD -- EAP-pwd side-channel attack	10 Apr 201900:00	–	freebsd
FreeBSD	FreeBSD -- SAE side-channel attacks	10 Apr 201900:00	–	freebsd
AlpineLinux	CVE-2019-9494	17 Apr 201913:31	–	alpinelinux
Broadcom	BSA-2019-777	15 Apr 201900:00	–	broadcom
Tenable Nessus	CentOS 7 : freeradius (RHSA-2020:3984)	20 Oct 202000:00	–	nessus
Tenable Nessus	Debian DSA-4430-1 : wpa - security update	15 Apr 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : wpa_supplicant (EulerOS-SA-2019-1779)	25 Jul 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2019-1875)	16 Sep 201900:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : wpa_supplicant (EulerOS-SA-2019-1891)	16 Sep 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.2.0 : wpa_supplicant (EulerOS-SA-2019-1945)	17 Sep 201900:00	–	nessus

NVD

Node

w1.fi hostapdRange≤2.7

w1.fi wpa_supplicantRange≤2.7

Node

fedoraproject fedoraMatch28

fedoraproject fedoraMatch29

fedoraproject fedoraMatch30

Node

opensuse backports_sleMatch15.0-

opensuse backports_sleMatch15.0sp1

opensuse leapMatch15.1

Node

synology radius_serverMatch3.0

synology router_managerRange<1.2.3-8087

Node

freebsd freebsdMatch11.2-

freebsd freebsdMatch11.2p2

freebsd freebsdMatch11.2p3

freebsd freebsdMatch11.2p4

freebsd freebsdMatch11.2p5

freebsd freebsdMatch11.2p6

freebsd freebsdMatch11.2p7

freebsd freebsdMatch11.2p8

freebsd freebsdMatch11.2p9

freebsd freebsdMatch11.2rc3

freebsd freebsdMatch12.0-

freebsd freebsdMatch12.0p1

freebsd freebsdMatch12.0p2

freebsd freebsdMatch12.0p3

[
  {
    "product": "hostapd with SAE support",
    "vendor": "Wi-Fi Alliance",
    "versions": [
      {
        "lessThanOrEqual": "2.7",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "wpa_supplicant with SAE support",
    "vendor": "Wi-Fi Alliance",
    "versions": [
      {
        "lessThanOrEqual": "2.7",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
w1	www.w1.fi/security/2019-1/
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/
seclists	www.seclists.org/bugtraq/2019/May/40
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/
security	www.security.freebsd.org/advisories/FreeBSD-SA-19:03.wpa.asc
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/
packetstormsecurity	www.packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html
synology	www.synology.com/security/advisory/Synology_SA_19_16
lists	www.lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html

21 Nov 2024 04:51Current

6.5Medium risk

Vulners AI Score6.5

CVSS 24.3

CVSS 3.15.9

EPSS0.01518

sae hostapd wpa_supplicant side channel attacks cve-2019-9494 nvd vulnerability