CVE-2018-14526

medium

Description

An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.

References

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00013.html

http://www.securitytracker.com/id/1041438

https://access.redhat.com/errata/RHSA-2018:3107

https://lists.debian.org/debian-lts-announce/2018/08/msg00009.html

https://papers.mathyvanhoef.com/woot2018.pdf

https://security.FreeBSD.org/advisories/FreeBSD-SA-18:11.hostapd.asc

https://usn.ubuntu.com/3745-1/

https://w1.fi/security/2018-1/unauthenticated-eapol-key-decryption.txt

Details

Source: MITRE

Published: 2018-08-08

Updated: 2019-10-03

Type: CWE-924

Risk Information

CVSS v2

Base Score: 3.3

Vector: AV:A/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 6.5

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (27 total)

| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 143704 | SUSE SLES12 Security Update : wpa_supplicant (SUSE-SU-2020:3424-1) (KRACK) | Nessus | SuSE Local Security Checks | high |
| 143627 | SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2020:3380-1) (KRACK) | Nessus | SuSE Local Security Checks | high |
| 143321 | openSUSE Security Update : wpa_supplicant (openSUSE-2020-2053) (KRACK) | Nessus | SuSE Local Security Checks | high |
| 143304 | openSUSE Security Update : wpa_supplicant (openSUSE-2020-2059) (KRACK) | Nessus | SuSE Local Security Checks | high |
| 127276 | NewStart CGSL CORE 5.04 / MAIN 5.04 : wpa_supplicant Vulnerability (NS-SA-2019-0072) | Nessus | NewStart CGSL Local Security Checks | medium |
| 124925 | EulerOS Virtualization 3.0.1.0 : wpa_supplicant (EulerOS-SA-2019-1422) | Nessus | Huawei Local Security Checks | high |
| 124917 | EulerOS Virtualization for ARM 64 3.0.1.0 : wpa_supplicant (EulerOS-SA-2019-1414) | Nessus | Huawei Local Security Checks | high |
| 124710 | openSUSE Security Update : wpa_supplicant (openSUSE-2019-1345) | Nessus | SuSE Local Security Checks | medium |
| 124404 | SUSE SLED12 / SLES12 Security Update : wpa_supplicant (SUSE-SU-2019:1088-1) | Nessus | SuSE Local Security Checks | medium |
| 123880 | EulerOS Virtualization 2.5.4 : wpa_supplicant (EulerOS-SA-2019-1194) | Nessus | Huawei Local Security Checks | medium |
| 123362 | openSUSE Security Update : wpa_supplicant (openSUSE-2019-871) | Nessus | SuSE Local Security Checks | medium |
| 123352 | openSUSE Security Update : hostapd (openSUSE-2019-839) | Nessus | SuSE Local Security Checks | medium |
| 120378 | Fedora 28 : 1:wpa_supplicant (2018-41dfadd21a) | Nessus | Fedora Local Security Checks | medium |
| 120147 | SUSE SLED15 / SLES15 Security Update : wpa_supplicant (SUSE-SU-2018:3480-1) | Nessus | SuSE Local Security Checks | medium |
| 119887 | pfSense 2.3.x <= 2.3.5-p2 / 2.4.x < 2.4.4 Multiple Vulnerabilities (SA-18_06 / SA-18_07 / SA-18_08) | Nessus | Firewalls | high |
| 119505 | Amazon Linux 2 : wpa_supplicant (ALAS-2018-1122) | Nessus | Amazon Linux Local Security Checks | medium |
| 119202 | Scientific Linux Security Update : wpa_supplicant on SL7.x x86_64 (20181030) | Nessus | Scientific Linux Local Security Checks | medium |
| 118993 | CentOS 7 : wpa_supplicant (CESA-2018:3107) | Nessus | CentOS Local Security Checks | medium |
| 118772 | Oracle Linux 7 : wpa_supplicant (ELSA-2018-3107) | Nessus | Oracle Linux Local Security Checks | medium |
| 118529 | RHEL 7 : wpa_supplicant (RHSA-2018:3107) | Nessus | Red Hat Local Security Checks | medium |
| 118487 | openSUSE Security Update : wpa_supplicant (openSUSE-2018-1316) | Nessus | SuSE Local Security Checks | medium |
| 118481 | openSUSE Security Update : hostapd (openSUSE-2018-1293) | Nessus | SuSE Local Security Checks | medium |
| 117761 | EulerOS 2.0 SP3 : wpa_supplicant (EulerOS-SA-2018-1318) | Nessus | Huawei Local Security Checks | medium |
| 117760 | EulerOS 2.0 SP2 : wpa_supplicant (EulerOS-SA-2018-1317) | Nessus | Huawei Local Security Checks | medium |
| 112101 | Fedora 27 : 1:wpa_supplicant (2018-c43c1ee06f) | Nessus | Fedora Local Security Checks | medium |
| 111720 | FreeBSD : wpa_supplicant -- unauthenticated encrypted EAPOL-Key data (6bedc863-9fbe-11e8-945f-206a8a720317) | Nessus | FreeBSD Local Security Checks | high |
| 111618 | Debian DLA-1462-1 : wpa security update | Nessus | Debian Local Security Checks | medium |