Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:33007
HistoryNov 17, 2021 - 10:37 p.m.

Denial Of Service (DoS)

2021-11-1722:37:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
24

5.3 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

2.9 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

64.7%

kernel is vulnerable to denial of service. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. Frames used for authentication and key management between the AP and connected clients. Some clients may take these redirected frames masquerading as control mechanisms from the AP.

References

5.3 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

2.9 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

64.7%