COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-23303

CVE-2022-23303

Severity
critical
Source
NVD · cve
Published
2022-01-17
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-23303

Players implicated

fedoraproject · vendorw1.fi · vendorfedora · producthostapd · productwpa supplicant · product

Description

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.