CVE-2019-9497

2019-04-1000:00:00

ubuntu.com

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.4%

JSON

The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP
Peer do not validate the scalar and element values in EAP-pwd-Commit. This
vulnerability may allow an attacker to complete EAP-PWD authentication
without knowing the password. However, unless the crypto library does not
implement additional checks for the EC point, the attacker will not be able
to derive the session key or complete the key exchange. Both hostapd with
SAE support and wpa_supplicant with SAE support prior to and including
version 2.4 are affected. Both hostapd with EAP-pwd support and
wpa_supplicant with EAP-pwd support prior to and including version 2.7 are
affected.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchwpa< 2:2.6-15ubuntu2.2UNKNOWN
ubuntu18.10noarchwpa< 2:2.6-18ubuntu1.1UNKNOWN
ubuntu19.04noarchwpa< 2:2.6-21ubuntu3UNKNOWN
ubuntu14.04noarchwpa< 2.1-0ubuntu1.7UNKNOWN
ubuntu16.04noarchwpa< 2.4-0ubuntu6.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	wpa	< 2:2.6-15ubuntu2.2	UNKNOWN
ubuntu	18.10	noarch	wpa	< 2:2.6-18ubuntu1.1	UNKNOWN
ubuntu	19.04	noarch	wpa	< 2:2.6-21ubuntu3	UNKNOWN
ubuntu	14.04	noarch	wpa	< 2.1-0ubuntu1.7	UNKNOWN
ubuntu	16.04	noarch	wpa	< 2.4-0ubuntu6.4	UNKNOWN