{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T07:05:20.459","vulnerabilities":[{"cve":{"id":"CVE-2019-9494","sourceIdentifier":"cret@cert.org","published":"2019-04-17T14:29:03.840","lastModified":"2024-11-21T04:51:43.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side channel attack that can be used for full password recovery. Both hostapd with SAE support and wpa_supplicant with SAE support prior to and including version 2.7 are affected."},{"lang":"es","value":"Las implementaciones SAE en hostapd y wpa_supplicant son vulnerables a los ataques de canal lateral (side channel) como resultado de diferencias de tiempo observables y patrones de acceso a la caché. Un atacante puede conseguir información filtrada de un ataque de canal lateral (side channel) que pueda ser usado  para la recuperación completa de la contraseña. Tanto hostapd con soporte SAE como wpa_supplicant con soporte SAE antes e incluyendo la versión 2.7 están afectados."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cret@cert.org","type":"Secondary","description":[{"lang":"en","value":"CWE-208"},{"lang":"en","value":"CWE-524"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-203"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7","matchCriteriaId":"5133129D-DA6B-485D-9FE7-33C994FBAF05"},{"vulnerable":true,"criteria":"cpe:2.3:a:w1.fi:wpa_supplicant:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7","matchCriteriaId":"46294B0E-0043-487D-AD8F-931DC05F0E78"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","matchCriteriaId":"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","matchCriteriaId":"D100F7CE-FC64-4CC6-852A-6136D72DA419"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","matchCriteriaId":"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","matchCriteriaId":"D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*","matchCriteriaId":"40513095-7E6E-46B3-B604-C926F1BA3568"},{"vulnerable":true,"criteria":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","matchCriteriaId":"B620311B-34A3-48A6-82DF-6F078D7A4493"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synology:radius_server:3.0:*:*:*:*:*:*:*","matchCriteriaId":"2C6E6871-7BB3-43BB-9A31-0B44B46C8D97"},{"vulnerable":true,"criteria":"cpe:2.3:a:synology:router_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.3-8087","matchCriteriaId":"041AF55B-1899-4C8D-8236-215027609F79"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:-:*:*:*:*:*:*","matchCriteriaId":"3ACD1D8D-B3BC-4E99-B846-90A4071DB87B"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p2:*:*:*:*:*:*","matchCriteriaId":"699FE432-8DF0-49F1-A98B-0E19CE01E5CE"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p3:*:*:*:*:*:*","matchCriteriaId":"20B06752-39EE-4600-AC1F-69FB9C88E2A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p4:*:*:*:*:*:*","matchCriteriaId":"22365F7C-2B00-4B61-84E8-EFBA3B8CFDC0"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p5:*:*:*:*:*:*","matchCriteriaId":"E86CD544-86C4-4D9D-9CE5-087027509EDA"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p6:*:*:*:*:*:*","matchCriteriaId":"64E47AE7-BB45-428E-90E9-38BFDFF23650"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p7:*:*:*:*:*:*","matchCriteriaId":"586B9FA3-65A2-41EB-A848-E4A75565F0CA"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p8:*:*:*:*:*:*","matchCriteriaId":"1164B48E-2F28-43C5-9B7B-546EAE12E27D"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:p9:*:*:*:*:*:*","matchCriteriaId":"F0B15B89-3AD2-4E03-9F47-DA934702187B"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:11.2:rc3:*:*:*:*:*:*","matchCriteriaId":"878DF67E-420A-4229-BEA8-DB9F7161ED9A"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:-:*:*:*:*:*:*","matchCriteriaId":"826B53C2-517F-4FC6-92E8-E7FCB24F91B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p1:*:*:*:*:*:*","matchCriteriaId":"93F10A46-AEF2-4FDD-92D6-0CF07B70F986"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p2:*:*:*:*:*:*","matchCriteriaId":"E1AD57A9-F53A-4E40-966E-F2F50852C5E4"},{"vulnerable":true,"criteria":"cpe:2.3:o:freebsd:freebsd:12.0:p3:*:*:*:*:*:*","matchCriteriaId":"C4029113-130F-4A33-A8A0-BC3E74000378"}]}]}],"references":[{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html","source":"cret@cert.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html","source":"cret@cert.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/","source":"cret@cert.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/","source":"cret@cert.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/","source":"cret@cert.org"},{"url":"https://seclists.org/bugtraq/2019/May/40","source":"cret@cert.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc","source":"cret@cert.org","tags":["Third Party Advisory"]},{"url":"https://w1.fi/security/2019-1/","source":"cret@cert.org","tags":["Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_16","source":"cret@cert.org","tags":["Third Party Advisory"]},{"url":"http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/152914/FreeBSD-Security-Advisory-FreeBSD-SA-19-03.wpa.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/56OBBOJJSKRTDGEXZOVFSTP4HDSDBLAE/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVMJOFEYBGXZLFF5IOLW67SSOPKFEJP3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDOZGR3T7FVO5JSZWK2QPR7AOFIEJTIZ/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://seclists.org/bugtraq/2019/May/40","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-19:03.wpa.asc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://w1.fi/security/2019-1/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.synology.com/security/advisory/Synology_SA_19_16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}