CVE-2015-0210
MEDIUMwpa_supplicant 2.0-16 - Improper Certificate Validation
Title source: llmDescription
wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attackers to cause a man-in-the-middle attack.
References (2)
Core 2
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1178263
Exploit, Issue Tracking, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1178921
Scores
CVSS v3
5.9
EPSS
0.0090
EPSS Percentile
55.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-295
Status
published
Products (1)
w1.fi/wpa_supplicant
2.0-16
Published
Aug 28, 2017
Tracked Since
Feb 18, 2026