{"containers":{"cna":{"affected":[{"product":"hostapd with EAP-pwd support","vendor":"Wi-Fi Alliance","versions":[{"lessThanOrEqual":"2.7","status":"affected","version":"2.7","versionType":"custom"}]},{"product":"wpa_supplicant with EAP-pwd support","vendor":"Wi-Fi Alliance","versions":[{"lessThanOrEqual":"2.7","status":"affected","version":"2.7","versionType":"custom"}]},{"product":"hostapd with SAE support","vendor":"Wi-Fi Alliance","versions":[{"lessThanOrEqual":"2.4","status":"affected","version":"2.4","versionType":"custom"}]},{"product":"wpa_supplicant with SAE support","vendor":"Wi-Fi Alliance","versions":[{"lessThanOrEqual":"2.4","status":"affected","version":"2.4","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-346","description":"CWE-346 Origin Validation Error","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-02-16T00:06:07.000Z","orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://w1.fi/security/2019-4/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.synology.com/security/advisory/Synology_SA_19_16"},{"name":"FEDORA-2019-d03bae77f5","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"},{"name":"FEDORA-2019-f409af9fbe","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"},{"name":"FEDORA-2019-eba1109acd","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"},{"name":"FreeBSD-SA-19:03","tags":["vendor-advisory","x_refsource_FREEBSD"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"},{"name":"20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"https://seclists.org/bugtraq/2019/May/40"},{"name":"[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update","tags":["mailing-list","x_refsource_MLIST"],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"},{"name":"openSUSE-SU-2020:0222","tags":["vendor-advisory","x_refsource_SUSE"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"}],"source":{"discovery":"UNKNOWN"},"title":"The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit","x_generator":{"engine":"Vulnogram 0.0.6"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"Dragonblood","ASSIGNER":"cert@cert.org","ID":"CVE-2019-9498","STATE":"PUBLIC","TITLE":"The implementations of EAP-PWD in hostapd EAP Server do not validate the scalar and element values in EAP-pwd-Commit"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"hostapd with EAP-pwd support","version":{"version_data":[{"version_affected":"<=","version_name":"2.7","version_value":"2.7"}]}},{"product_name":"wpa_supplicant with EAP-pwd support","version":{"version_data":[{"version_affected":"<=","version_name":"2.7","version_value":"2.7"}]}},{"product_name":"hostapd with SAE support","version":{"version_data":[{"version_affected":"<=","version_name":"2.4","version_value":"2.4"}]}},{"product_name":"wpa_supplicant with SAE support","version":{"version_data":[{"version_affected":"<=","version_name":"2.4","version_value":"2.4"}]}}]},"vendor_name":"Wi-Fi Alliance"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able to use invalid scalar/element values to complete authentication, gaining session key and network access without needing or learning the password. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.4 are affected. Both hostapd with EAP-pwd support and wpa_supplicant with EAP-pwd support prior to and including version 2.7 are affected."}]},"generator":{"engine":"Vulnogram 0.0.6"},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-346 Origin Validation Error"}]}]},"references":{"reference_data":[{"name":"https://w1.fi/security/2019-4/","refsource":"CONFIRM","url":"https://w1.fi/security/2019-4/"},{"name":"https://www.synology.com/security/advisory/Synology_SA_19_16","refsource":"CONFIRM","url":"https://www.synology.com/security/advisory/Synology_SA_19_16"},{"name":"FEDORA-2019-d03bae77f5","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"},{"name":"FEDORA-2019-f409af9fbe","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"},{"name":"FEDORA-2019-eba1109acd","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"},{"name":"FreeBSD-SA-19:03","refsource":"FREEBSD","url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"},{"name":"20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa","refsource":"BUGTRAQ","url":"https://seclists.org/bugtraq/2019/May/40"},{"name":"[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update","refsource":"MLIST","url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"},{"name":"openSUSE-SU-2020:0222","refsource":"SUSE","url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"}]},"source":{"discovery":"UNKNOWN"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T21:54:44.081Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://w1.fi/security/2019-4/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://www.synology.com/security/advisory/Synology_SA_19_16"},{"name":"FEDORA-2019-d03bae77f5","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/"},{"name":"FEDORA-2019-f409af9fbe","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/"},{"name":"FEDORA-2019-eba1109acd","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/"},{"name":"FreeBSD-SA-19:03","tags":["vendor-advisory","x_refsource_FREEBSD","x_transferred"],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc"},{"name":"20190515 FreeBSD Security Advisory FreeBSD-SA-19:03.wpa","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"https://seclists.org/bugtraq/2019/May/40"},{"name":"[debian-lts-announce] 20190731 [SECURITY] [DLA 1867-1] wpa security update","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://lists.debian.org/debian-lts-announce/2019/07/msg00030.html"},{"name":"openSUSE-SU-2020:0222","tags":["vendor-advisory","x_refsource_SUSE","x_transferred"],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"}]}]},"cveMetadata":{"assignerOrgId":"37e5125f-f79b-445b-8fad-9564f167944b","assignerShortName":"certcc","cveId":"CVE-2019-9498","datePublished":"2019-04-17T13:31:08.000Z","dateReserved":"2019-03-01T00:00:00.000Z","dateUpdated":"2024-08-04T21:54:44.081Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}