Lucene search
K

53 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-17717

Malware in sbrugna...

8.8CVSS8.4AI score0.00652EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.9 views

Azure Linux 3.0 Security Update: wpa_supplicant (CVE-2023-52160)

The version of wpasupplicant installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52160 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successf...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.31 views

RHEL 8 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: SAE side channel attacks as a result of cache access patterns CVE-2022-23303 - The...

9.8CVSS8.8AI score0.02944EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.20 views

RHEL 7 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: local configuration update allows privilege escalation CVE-2016-4477 - wpasupplicant: P2P...

7.9AI score0.04707EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/26 12:0 a.m.16 views

CentOS 9 : wpa_supplicant-2.10-5.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the wpasupplicant-2.10-5.el9 build changelog. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Veracode
Veracode
added 2024/03/17 7:28 p.m.28 views

Improper Authentication

wpasupplicant is vulnerable to the Improper Authentication vulnerability. The vulnerability arises because wpasupplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be exploited to bypass Phase 2 authentication...

6.5CVSS6.7AI score0.01177EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/10 12:0 a.m.31 views

Fedora 38 : wpa_supplicant (2024-36d2be00d0)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-36d2be00d0 advisory. backport fix for PEAP client CVE-2023-52160 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 4:53 p.m.12 views

MGASA-2024-0053 Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

6.5CVSS6.3AI score0.01177EPSS
Exploits0References5
Mageia
Mageia
added 2024/03/06 4:53 p.m.53 views

Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

6.5CVSS7.4AI score0.01177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.26 views

Amazon Linux 2 : wpa_supplicant (ALAS-2024-2480)

The version of wpasupplicant installed on the remote host is prior to 2.6-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2480 advisory. wpasupplicant: potential authorization bypass CVE-2023-52160 Tenable has extracted the preceding description block directly fr...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.22 views

Fedora 39 : wpa_supplicant (2024-a95bdde55b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a95bdde55b advisory. backport fix for PEAP client CVE-2023-52160 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.34 views

Debian dla-3743 : hostapd - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3743 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3743-1 [email protected] https://www.debian.org/lts/security/...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References4
NVD
NVD
added 2024/02/22 5:15 p.m.14 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.7AI score0.01177EPSS
Exploits0References7
OSV
OSV
added 2024/02/22 5:15 p.m.27 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.8AI score
Exploits0References7
UbuntuCve
UbuntuCve
added 2024/02/22 5:15 p.m.31 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.9AI score0.01177EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/02/22 12:0 a.m.15 views

CVE-2023-52161

The Access Point functionality in eapolauthkeyhandle in eapol.c in iNet wireless daemon IWD before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network. An attacker can complete the EAPOL handshake by skipping Msg2/4 and instead sending Msg4/4 with an all-zero key...

6.9AI score0.01103EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2024/02/22 12:0 a.m.26 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.8AI score0.01177EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/02/22 12:0 a.m.27 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.6AI score0.01177EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2024/02/22 12:0 a.m.57 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS9.5AI score0.01177EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/23 12:0 a.m.10 views

CVE-2023-35836

An issue was discovered in SolaX Pocket WiFi 3 through 3.001.02. An attacker within RF range can obtain a cleartext copy of the network configuration of the device, including the Wi-Fi PSK, during device setup and reconfiguration. Upon success, the attacker is able to further infiltrate the...

6.8AI score0.00317EPSS
Exploits0References4
Rows per page
Query Builder