Lucene search
K

5 matches found

OSV
OSV
added 2019/04/17 2:29 p.m.23 views

CVE-2019-9498

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication,...

8.1CVSS7.9AI score
Exploits0References9
OSV
OSV
added 2019/04/17 2:29 p.m.3 views

ALPINE-CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

3.7CVSS7AI score0.03449EPSS
Exploits0References1
CVE
CVE
added 2019/04/17 1:31 p.m.258 views

CVE-2019-9499

CVE-2019-9499 concerns the EAP-pwd implementation in wpa_supplicant (and related hostapd/EAP-pwd paths) where, when built against a crypto library lacking explicit validation, the scalar and element values in EAP-pwd-Commit are not validated. This allows an attacker to craft a commit message and ...

8.1CVSS8AI score0.02386EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVE
added 2019/04/17 1:31 p.m.32 views

CVE-2019-9499

The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...

8.1CVSS7.8AI score0.02386EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2019/04/17 1:31 p.m.47 views

CVE-2019-9499

The implementations of EAP-PWD in wpasupplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection...

8.1CVSS8.1AI score0.02386EPSS
Exploits0
Rows per page
Query Builder