Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2019-9496
Modified
More InfoOfficial Page
Source-cret@cert.org
View Known Exploited Vulnerability (KEV) details
Published At-17 Apr, 2019 | 14:29
Updated At-07 Nov, 2023 | 03:13

An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are vulnerable. An attacker may force the hostapd process to terminate, performing a denial of service attack. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
w1.fi
w1.fi
>>hostapd>>Versions up to 2.7(inclusive)
cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*
w1.fi
w1.fi
>>wpa_supplicant>>Versions up to 2.7(inclusive)
cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>28
cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>29
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
Fedora Project
fedoraproject
>>fedora>>30
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-287Primarynvd@nist.gov
CWE-642Secondarycret@cert.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.htmlcret@cert.org
N/A
http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.htmlcret@cert.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/cret@cert.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/cret@cert.org
N/A
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/cret@cert.org
N/A
https://seclists.org/bugtraq/2019/May/40cret@cert.org
N/A
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asccret@cert.org
N/A
https://w1.fi/security/2019-3/cret@cert.org
Patch
Vendor Advisory
https://www.synology.com/security/advisory/Synology_SA_19_16cret@cert.org
N/A
Change History
0Changes found
Details not found