Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-004
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "FortiOS versions ant\u00e9rieures \u00e0 6.2.3",
"product": {
"name": "FortiOS",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Meru AP versions ant\u00e9rieures \u00e0 8.5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "FortiAP-S/W2 versions ant\u00e9rieures \u00e0 6.2.2",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
},
{
"description": "Meru Controller versions ant\u00e9rieures \u00e0 8.5.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Fortinet",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2019-9494",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9494"
},
{
"name": "CVE-2019-9495",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9495"
},
{
"name": "CVE-2019-9498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9498"
},
{
"name": "CVE-2019-9497",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9497"
},
{
"name": "CVE-2019-9499",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9499"
},
{
"name": "CVE-2019-9496",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9496"
}
],
"initial_release_date": "2020-01-06T00:00:00",
"last_revision_date": "2020-01-06T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-004",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-01-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nFortinet. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de\nservice \u00e0 distance, un contournement de la politique de s\u00e9curit\u00e9 et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Fortinet",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fortinet FG-IR-19-107 du 03 janvier 2020",
"url": "https://fortiguard.com/psirt/FG-IR-19-107"
}
]
}
CVE-2019-9497 (GCVE-0-2019-9497)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-301",
"description": "CWE-301",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:12",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9497",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without knowing the password. However, unless the crypto library does not implement additional checks for the EC point, the attacker will not be able to derive the session key or complete the key exchange. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-301"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9497",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9495 (GCVE-0-2019-9495)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-524 - Information Exposure Through Caching
Summary
The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.180Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524 Information Exposure Through Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:10",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9495",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful attack. Memory access patterns are visible in a shared cache. Weak passwords may be cracked. Versions of hostapd/wpa_supplicant 2.7 and newer, are not vulnerable to the timing attack described in CVE-2019-9494. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-2/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-2/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9495",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9496 (GCVE-0-2019-9496)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-642 - External Control of Critical State Data
Summary
An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with SAE support |
Version: 2.7 < |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.155Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-642",
"description": "CWE-642 External Control of Critical State Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:10",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-3/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9496",
"STATE": "PUBLIC",
"TITLE": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-642 External Control of Critical State Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-3/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-3/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9496",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9499 (GCVE-0-2019-9499)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.100Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:08",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9499",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may complete authentication, session key and control of the data connection with a client. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9499",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.100Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9498 (GCVE-0-2019-9498)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with EAP-pwd support |
Version: 2.7 < |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with EAP-pwd support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "2.4",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:07",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-4/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9498",
"STATE": "PUBLIC",
"TITLE": "The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with EAP-pwd support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.4",
"version_value": "2.4"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-346 Origin Validation Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-4/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-4/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9498",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-9494 (GCVE-0-2019-9494)
Vulnerability from cvelistv5
Published
2019-04-17 13:31
Modified
2024-08-04 21:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Wi-Fi Alliance | hostapd with SAE support |
Version: 2.7 < |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:54:44.172Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "hostapd with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
},
{
"product": "wpa_supplicant with SAE support",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"lessThanOrEqual": "2.7",
"status": "affected",
"version": "2.7",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208 Information Exposure Through Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-524",
"description": "CWE-524 Information Exposure Through Caching",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-16T00:06:09",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://w1.fi/security/2019-1/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "Dragonblood",
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2019-9494",
"STATE": "PUBLIC",
"TITLE": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "hostapd with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
},
{
"product_name": "wpa_supplicant with SAE support",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "2.7",
"version_value": "2.7"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-208 Information Exposure Through Timing Discrepancy"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-524 Information Exposure Through Caching"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://w1.fi/security/2019-1/",
"refsource": "CONFIRM",
"url": "https://w1.fi/security/2019-1/"
},
{
"name": "https://www.synology.com/security/advisory/Synology_SA_19_16",
"refsource": "CONFIRM",
"url": "https://www.synology.com/security/advisory/Synology_SA_19_16"
},
{
"name": "FEDORA-2019-d03bae77f5",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"
},
{
"name": "FEDORA-2019-f409af9fbe",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"
},
{
"name": "FEDORA-2019-eba1109acd",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"
},
{
"name": "FreeBSD-SA-19:03",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"
},
{
"name": "20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/40"
},
{
"name": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html"
},
{
"name": "openSUSE-SU-2020:0222",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2019-9494",
"datePublished": "2019-04-17T13:31:08",
"dateReserved": "2019-03-01T00:00:00",
"dateUpdated": "2024-08-04T21:54:44.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…