Fluid Attacks Database

Description

NetworkManager 0.9.x does not pin a certificate's subject to an ESSID when 802.11X authentication is used.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	network-manager	>=0 <0.9.4.0-1	0.9.4.0-1
debian 14	network-manager	>=0 <0.9.4.0-1	0.9.4.0-1
debian 13	network-manager	>=0 <0.9.4.0-1	0.9.4.0-1
debian 11	network-manager	>=0 <0.9.4.0-1	0.9.4.0-1
rpm rhel6	wpa_supplicant	-	-
rpm rhel5	wpa_supplicant	-	-
rpm rhel6	NetworkManager	-	-
rpm rhel5	NetworkManager	-	-

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.