Vulnerabilities in Wi-Fi Alliance

15 results

CVE-2019-9497—The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-CommitEPSS 5.4%CVE-2019-9496—An invalid authentication sequence could result in the hostapd process terminating due to missing state validation stepsEPSS 5.2%CVE-2017-13082—Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK)EPSS 4.6%CVE-2019-9494—The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side-channel attacksEPSS 3.7%CVE-2019-9495—The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patternsEPSS 3.4%CVE-2017-13077—Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshEPSS 2.4%CVE-2019-9499—The implementations of EAP-PWD in wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-CommitEPSS 2.4%CVE-2019-9498—The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-CommitEPSS 2.4%CVE-2017-13080—Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attaEPSS 2.3%CVE-2017-13084—Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey hanEPSS 2.2%CVE-2017-13079—Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during theEPSS 2.1%CVE-2017-13078—Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacEPSS 2.1%CVE-2017-13086—Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshakEPSS 2.0%CVE-2017-13081—Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during theEPSS 2.0%CVE-2017-13088—Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing EPSS 1.8%