CVE-2022-23303
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache
CVSS
9.8
Crítico
EPSS
2.9%
p86
KEV
—
Exploit Today
26
0-100
Publicado: 17 ene 2022 · Última mod.: 14 jul 2026 · CWE-203
2.9%EPSS · 30 días2.9%
2026-06-302026-07-16
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
- lists.fedoraproject.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/
- security.gentoo.orghttps://security.gentoo.org/glsa/202309-16
- w1.fihttps://w1.fi/security/2022-1/
- lists.debian.orghttps://lists.debian.org/debian-lts-announce/2025/04/msg00019.html
- lists.fedoraproject.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YPDHU5MV464CZBPX7N2SNMUYP6DFIBZL/
- security.gentoo.orghttps://security.gentoo.org/glsa/202309-16
- w1.fihttps://w1.fi/security/2022-1/
- cert-portal.siemens.comhttps://cert-portal.siemens.com/productcert/html/ssa-585531.html
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2022-233049.8 CRÍ77.4%
——23The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.3dCVE-2022-371465.3 MED49.4%
——15The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider take significantly longer than those for invalid users, allowing for valid users to be enumerated by an unauthenticated remote attacker. Note that the lockout policy implemented in Plextrac version 1.17.0 makes it impossible to distinguish between valid, locked user accounts and user accounts that do not exist, but does not prevent valid, unlocked users from being enumerated.8dCVE-2022-413544.3 MED46.7%
——14An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications.8dCVE-2026-443325.3 MED40.5%
——12Fiber is an Express inspired web framework written in Go. Prior to 3.3.0, the default Authorizer function in the BasicAuth middleware in middleware/basicauth/config.go uses short-circuit evaluation that skips password hash comparison for non-existent usernames, enabling reliable remote username enumeration through response timing differences. This issue is fixed in version 3.3.0.1dCVE-2024-413357.5 ALT35.4%
——11Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200 prior to v3.9.8.8, Vigor 2860/2925 prior to v3.9.7, Vigor 2862/2926 prior to v3.9.9.4, Vigor 2133/2762/2832 prior to v3.9.8, Vigor 2135/2765/2766 prior to v4.4.5.1, Vigor 2865/2866/2927 prior to v4.4.5.3, Vigor 2962/3910 prior to v4.3.2.7, Vigor 3912 prior to v4.3.5.2, and Vigor 2925 up to v3.9.6 were discovered to utilize insecure versions of the functions strcmp and memcmp, allowing attackers to possibly obtain sensitive information via timing attacks.12dCVE-2024-343365.3 MED30.2%
——9User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality.11d