CVE-2019-9498

🗓️ 29 Apr 2020 15:05:10Reported by redhat.comType

A flaw in wpa_supplicant allows bypass of authentication and impersonation using invalid scalar/element values in EAP-pwd-Commit message

Reporter	Title	Published	Views	Family All 75
Cvelist	CVE-2019-9498 The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit	17 Apr 201913:31	–	cvelist
Cvelist	CVE-2019-11235	21 Apr 201916:40	–	cvelist
UbuntuCve	CVE-2019-9498	10 Apr 201900:00	–	ubuntucve
AlpineLinux	CVE-2019-9498	17 Apr 201914:29	–	alpinelinux
AlpineLinux	CVE-2019-11235	22 Apr 201911:29	–	alpinelinux
NVD	CVE-2019-9498	17 Apr 201914:29	–	nvd
NVD	CVE-2019-11235	22 Apr 201911:29	–	nvd
OSV	CVE-2019-9498	17 Apr 201914:29	–	osv
OSV	CVE-2019-11235	22 Apr 201911:29	–	osv
OSV	wpa - security update	10 Apr 201900:00	–	osv

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-9498
w1	www.w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
kb	www.kb.cert.org/vuls/id/871675/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Apr 2020 15:10Current

3Low risk

Vulners AI Score3

EPSS0.01155