Lucene search

K
cvelistRedhatCVELIST:CVE-2022-41859
HistoryJan 17, 2023 - 12:00 a.m.

CVE-2022-41859

2023-01-1700:00:00
CWE-200
redhat
www.cve.org

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

51.0%

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "freeradius",
    "versions": [
      {
        "version": "unknown",
        "status": "affected"
      }
    ]
  }
]