Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveRedhatCVE-2014-3686
HistoryOct 16, 2014 - 12:55 a.m.

CVE-2014-3686

2014-10-1600:55:05
CWE-20
redhat
web.nvd.nist.gov
58
cve-2014-3686
wpa_supplicant
hostapd
remote attack
command execution
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON

wpa_supplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpa_cli or hostapd_cli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame.

Affected configurations

Nvd
Node
w1.fihostapdMatch0.7.2
OR
w1.fihostapdMatch1.0
OR
w1.fihostapdMatch1.1
OR
w1.fihostapdMatch2.0
OR
w1.fihostapdMatch2.1
OR
w1.fihostapdMatch2.2
OR
w1.fiwpa_supplicantMatch0.72
OR
w1.fiwpa_supplicantMatch1.0
OR
w1.fiwpa_supplicantMatch1.1
OR
w1.fiwpa_supplicantMatch2.0
OR
w1.fiwpa_supplicantMatch2.1
OR
w1.fiwpa_supplicantMatch2.2
OR
canonicalubuntu_linuxMatch10.04-lts
OR
canonicalubuntu_linuxMatch12.04-lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
debiandebian_linuxMatch6.0
VendorProductVersionCPE
w1.fihostapd0.7.2cpe:2.3:a:w1.fi:hostapd:0.7.2:*:*:*:*:*:*:*
w1.fihostapd1.0cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*
w1.fihostapd1.1cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*
w1.fihostapd2.0cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*
w1.fihostapd2.1cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*
w1.fihostapd2.2cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*
w1.fiwpa_supplicant0.72cpe:2.3:a:w1.fi:wpa_supplicant:0.72:*:*:*:*:*:*:*
w1.fiwpa_supplicant1.0cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*
w1.fiwpa_supplicant1.1cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*
w1.fiwpa_supplicant2.0cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*
Rows per page:
1-10 of 161

Related

openvas 15
ubuntucve 1
nessus 20
archlinux 1
fedora 6
nvd 1
debiancve 1
debian 3
centos 1
ubuntu 1
prion 1
cvelist 1
securityvulns 2
suse 1
redhat 1
mageia 1
osv 4
oraclelinux 2
slackware 1
gentoo 1
openvas
openvas
Debian Security Advisory DSA 3052-1 (wpa - security update)
2014-10-15 00:00:00
Ubuntu: Security Advisory (USN-2383-1)
2014-10-15 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1356-1)
2021-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2014-3686
2014-10-09 00:00:00
nessus
nessus
SuSE 11.3 Security Update : wpa_supplicant (SAT Patch Number 9894)
2014-11-05 00:00:00
CentOS 7 : wpa_supplicant (CESA-2014:1956)
2014-12-05 00:00:00
Mandriva Linux Security Advisory : wpa_supplicant (MDVSA-2014:211)
2014-10-30 00:00:00
archlinux
archlinux
wpa_supplicant, hostapd: Arbitrary command execution
2014-10-20 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: hostapd-2.3-1.fc21
2014-11-01 16:25:41
[SECURITY] Fedora 20 Update: hostapd-2.3-1.fc20
2014-11-07 02:40:32
[SECURITY] Fedora 21 Update: wpa_supplicant-2.0-12.fc21
2014-11-10 06:21:21
nvd
nvd
CVE-2014-3686
2014-10-16 00:55:05
debiancve
debiancve
CVE-2014-3686
2014-10-16 00:55:05
debian
debian
[SECURITY] [DSA 3052-1] wpa security update
2014-10-16 04:02:40
[SECURITY] [DSA 3052-1] wpa security update
2014-10-16 04:02:40
[SECURITY] [DLA 147-1] wpasupplicant security update
2015-02-06 23:39:53
centos
centos
wpa_supplicant security update
2014-12-04 13:38:10
ubuntu
ubuntu
wpa_supplicant vulnerability
2014-10-14 00:00:00
prion
prion
Design/Logic Flaw
2014-10-16 00:55:00
cvelist
cvelist
CVE-2014-3686
2014-10-16 00:00:00
securityvulns
securityvulns
[USN-2383-1] wpa_supplicant vulnerability
2014-10-15 00:00:00
wpa_supplicant shell characters vulnerability
2014-10-15 00:00:00
suse
suse
Security update for wpa_supplicant (important)
2014-11-04 22:04:46
redhat
redhat
(RHSA-2014:1956) Moderate: wpa_supplicant security update
2014-12-03 00:00:00
mageia
mageia
Updated wpa_supplicant and hostapd packages fix security vulnerability
2014-10-28 14:33:36
osv
osv
wpasupplicant - security update
2015-02-07 00:00:00
wpa - security update
2014-10-15 00:00:00
hostapd-2.6-1.1 on GA media
2024-06-15 00:00:00
oraclelinux
oraclelinux
wpa_supplicant security update
2014-12-03 00:00:00
wpa_supplicant security and enhancement update
2015-06-11 00:00:00
slackware
slackware
[slackware-security] wpa_supplicant
2014-12-11 04:12:54
gentoo
gentoo
hostapd and wpa_supplicant: Multiple vulnerabilities
2016-06-27 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6

Confidence

High

EPSS

0.015

Percentile

87.2%

JSON
Related for CVE-2014-3686
openvas15ubuntucve1nessus20archlinux1fedora6nvd1debiancve1debian3centos1ubuntu1prion1cvelist1securityvulns2suse1redhat1mageia1osv4oraclelinux2slackware1gentoo1