The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.
Information Disclosure
Hostapd
Wpa Supplicant
Fedora
Backports Sle
+5
NVD
CVSS 3.1
3.7
EPSS
3.4%
Prev
Page 2 of 2