Vulnerability Monitor

CVE-2019-9498

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected.

Published

2019-04-17T14:29:04.010

Last Modified

2024-11-21T04:51:44.190

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.1 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • CWE-287 (Primary)
  • CWE-346 (Secondary)

Affected Vendors & Products

Type              Vendor          Product          Version/Range  Vulnerable?
Application       w1.fi           hostapd          ≤ 2.4          Yes
Application       w1.fi           hostapd          ≤ 2.7          Yes
Application       w1.fi           wpa_supplicant   ≤ 2.4          Yes
Application       w1.fi           wpa_supplicant   ≤ 2.7          Yes
Operating System  fedoraproject   fedora           28             Yes
Operating System  fedoraproject   fedora           29             Yes
Operating System  fedoraproject   fedora           30             Yes
Application       opensuse        backports_sle    15.0           Yes
Operating System  opensuse        leap             15.1           Yes
Operating System  debian          debian_linux     8.0            Yes
Application       synology        radius_server    3.0            Yes
Application       synology        router_manager   1.2            Yes
Operating System  freebsd         freebsd          ≤ 11.1         Yes
Operating System  freebsd         freebsd          11.2           Yes
Operating System  freebsd         freebsd          12.0           Yes

References