4.4

CVE-2012-2736

Exploit

In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in AdHoc mode, it created an open/insecure network.

Data is provided by the National Vulnerability Database (NVD)
GnomeNetworkmanager Version0.9.2.0
DebianDebian Linux Version8.0
DebianDebian Linux Version9.0
DebianDebian Linux Version10.0
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version11.04
CanonicalUbuntu Linux Version11.10
OpensuseOpensuse Version12.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.25
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.4 1.8 2.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov 3.3 3.4 4.9
AV:L/AC:M/Au:N/C:P/I:P/A:N
CWE-306 Missing Authentication for Critical Function

The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

http://www.openwall.com/lists/oss-security/2012/06/15/4
Patch
Third Party Advisory
Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2736
Third Party Advisory
Exploit
Issue Tracking