CVE-2019-12586 - CERT CVE
ID CVE-2019-12586
Sažetak The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266_NONOS_SDK 2.2.0 through 3.1.0 processes EAP Success messages before any EAP method completion or failure, which allows attackers in radio range to cause a denial of service (crash) via a crafted message.
Reference
CVSS
Base: 3.3
Impact: 2.9
Exploitability:6.5
Pristup
VektorSloženostAutentikacija
ADJACENT_NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:A/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje 24-08-2020 - 17:37
Objavljeno 04-09-2019 - 20:15