CPE-5F7A44E8-2AEE-4263-A065-539B7C8694D5 Detail

CPE Details

w1.fi WPA Supplicant 2.9

Vendor

w1.fi

Product

wpa_supplicant

Version

2.9

Created

2019-12-16
18h03 +00:00

Modified

2019-12-16
18h03 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:w1.fi:wpa_supplicant:2.9:::::::*

Informations

Vendor

w1.fi

Product

wpa_supplicant

Version

2.9

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-52160	2024-02-21 23h00 +00:00	The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.	6.5	Medium
CVE-2022-23303	2022-01-16 23h00 +00:00	The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.	9.8	Critical
CVE-2022-23304	2022-01-16 23h00 +00:00	The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.	9.8	Critical
CVE-2021-30004	2021-04-01 22h00 +00:00	In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.	5.3	Medium
CVE-2021-27803	2021-02-26 21h11 +00:00	A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It could result in denial of service or other impact (potentially execution of arbitrary code), for an attacker within radio range.	7.5	High
CVE-2019-16275	2019-09-12 17h07 +00:00	hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.	6.5	Medium

w1.fi WPA Supplicant 2.9

CPE Details

CPE Name: cpe:2.3:a:w1.fi:wpa_supplicant:2.9:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:w1.fi:wpa_supplicant:2.9:::::::*