Lucene search

K
cvelistMitreCVELIST:CVE-2019-13377
HistoryAug 15, 2019 - 4:05 p.m.

CVE-2019-13377

2019-08-1516:05:29
mitre
www.cve.org

6.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.

6.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%