CVE-2015-5310

medium

Description

The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protection (MFP) was not negotiated, which allows remote attackers to inject arbitrary broadcast or multicast packets or cause a denial of service (ignored packets) via a WNM Sleep Mode response.

References

http://source.android.com/security/bulletin/2016-01-01.html

http://w1.fi/security/2015-6/wpa_supplicant-unauthorized-wnm-sleep-mode-gtk-control.txt

http://www.debian.org/security/2015/dsa-3397

http://www.openwall.com/lists/oss-security/2015/11/10/9

http://www.securityfocus.com/bid/77541

http://www.securitytracker.com/id/1034592

http://www.ubuntu.com/usn/USN-2808-1

Details

Source: MITRE

Published: 2016-01-06

Updated: 2018-02-22

Type: CWE-200

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins


| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 93700 | openSUSE Security Update : wpa_supplicant (openSUSE-2016-1104) | Nessus | SuSE Local Security Checks | medium |
| 93507 | SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2016:2305-1) | Nessus | SuSE Local Security Checks | medium |
| 90568 | FreeBSD : hostapd and wpa_supplicant -- multiple vulnerabilities (976567f6-05c5-11e6-94fa-002590263bf5) | Nessus | FreeBSD Local Security Checks | medium |
| 86848 | Ubuntu 14.04 LTS / 15.04 / 15.10 : wpa vulnerabilities (USN-2808-1) | Nessus | Ubuntu Local Security Checks | medium |
| 86833 | Debian DSA-3397-1 : wpa - security update | Nessus | Debian Local Security Checks | medium |