Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/09 12:0 a.m.9 views

NewStart CGSL MAIN 7.02 : wpa_supplicant Vulnerability (NS-SA-2025-0087)

The remote NewStart CGSL host, running version MAIN 7.02, has wpasupplicant packages installed that are affected by a vulnerability: - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.11 views

Azure Linux 3.0 Security Update: wpa_supplicant (CVE-2023-52160)

The version of wpasupplicant installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52160 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successf...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/20 12:0 a.m.8 views

CBL Mariner 2.0 Security Update: wpa_supplicant (CVE-2023-52160)

The version of wpasupplicant installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-52160 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successf...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.21 views

EulerOS 2.0 SP8 : wpa_supplicant (EulerOS-SA-2024-2495)

According to the versions of the wpasupplicant package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.34 views

RHEL 8 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: SAE side channel attacks as a result of cache access patterns CVE-2022-23303 - The...

9.8CVSS8.8AI score0.02944EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.33 views

Rocky Linux 9 : wpa_supplicant (RLSA-2024:2517)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2517 advisory. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify...

6.5CVSS7AI score0.01177EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.20 views

RHEL 7 : wpa_supplicant (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - wpasupplicant: local configuration update allows privilege escalation CVE-2016-4477 - wpasupplicant: P2P...

7.9AI score0.04707EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/30 12:0 a.m.32 views

RHEL 9 : wpa_supplicant (RHSA-2024:2517)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:2517 advisory. The wpasupplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2 IEEE 802.11i / RSN, and various EAP authentication methods...

6.5CVSS7.2AI score0.01177EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2024/04/26 12:0 a.m.16 views

CentOS 9 : wpa_supplicant-2.10-5.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the wpasupplicant-2.10-5.el9 build changelog. - The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be...

6.5CVSS7AI score0.01177EPSS
Exploits0References2
Veracode
Veracode
added 2024/03/17 7:28 p.m.29 views

Improper Authentication

wpasupplicant is vulnerable to the Improper Authentication vulnerability. The vulnerability arises because wpasupplicant can be configured to skip TLS certificate verification during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be exploited to bypass Phase 2 authentication...

6.5CVSS6.7AI score0.01177EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/03/10 12:0 a.m.31 views

Fedora 38 : wpa_supplicant (2024-36d2be00d0)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-36d2be00d0 advisory. backport fix for PEAP client CVE-2023-52160 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 4:53 p.m.12 views

MGASA-2024-0053 Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

6.5CVSS6.3AI score0.01177EPSS
Exploits0References5
Mageia
Mageia
added 2024/03/06 4:53 p.m.55 views

Updated wpa_supplicant packages fix security vulnerabilities

The updated packages fix a security vulnerability: The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt...

6.5CVSS7.4AI score0.01177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.26 views

Amazon Linux 2 : wpa_supplicant (ALAS-2024-2480)

The version of wpasupplicant installed on the remote host is prior to 2.6-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2480 advisory. wpasupplicant: potential authorization bypass CVE-2023-52160 Tenable has extracted the preceding description block directly fr...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.22 views

Fedora 39 : wpa_supplicant (2024-a95bdde55b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-a95bdde55b advisory. backport fix for PEAP client CVE-2023-52160 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/02/27 12:0 a.m.34 views

Debian dla-3743 : hostapd - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3743 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3743-1 [email protected] https://www.debian.org/lts/security/...

6.5CVSS7.1AI score0.01177EPSS
Exploits0References4
NVD
NVD
added 2024/02/22 5:15 p.m.15 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.7AI score0.01177EPSS
Exploits0References7
Prion
Prion
added 2024/02/22 5:15 p.m.34 views

Authentication flaw

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

4.3CVSS7.1AI score0.01177EPSS
Exploits0References5Affected Software4
UbuntuCve
UbuntuCve
added 2024/02/22 5:15 p.m.32 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS6.9AI score0.01177EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/02/22 12:0 a.m.58 views

CVE-2023-52160

The implementation of PEAP in wpasupplicant through 2.10 allows authentication bypass. For a successful attack, wpasupplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eappeapdecrypt vulnerability can then be abused to skip Phase 2...

6.5CVSS9.5AI score0.01177EPSS
Exploits0
Rows per page
Query Builder