CVE-2022-23303

EPSS 0.33% · P56 Updated Nov 04, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-23303

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

hostapd 加密问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

hostapd是一款访问点和身份验证服务器的用户空间守护程序。 hostapd 中存在加密问题漏洞，该漏洞源于产品的hostapd 和 wpa supplicant组件存在缓存访问模式错误。攻击者可通过该漏洞发起侧通道攻击。在2.10之前的hostapd和2.10之前的wpa supplicant中，SAE的实现很容易受到侧通道攻击，因为缓存访问模式。注意:此问题存在是因为CVE-2019-9494的修复不完整。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-23303

#	POC Description	Source Link	Shenlong Link
1	mirror of https://w1.fi/cgit/hostap/ till 30/01/2023 for CVE-2022-23303/4 - c22	https://github.com/skulkarni-mv/hostapd_mirror	POC Details
2	mirror of https://w1.fi/cgit/hostap/ till 30/01/2023 for CVE-2022-23303/4 - c22	https://github.com/web-logs2/hostapd_mirror	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-23303

请登录查看更多情报信息。

Same Patch Batch · n/a · 2022-01-17 · 4 CVEs total

CVE-2022-22703		Stormshield SSO 日志信息泄露漏洞
CVE-2021-33040		Epub.js 跨站脚本漏洞
CVE-2022-23304		EAP-pwd 加密问题漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-23303

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-23303

I. Basic Information for CVE-2022-23303

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-23303

III. Intelligence Information for CVE-2022-23303

Same Patch Batch · n/a · 2022-01-17 · 4 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-23303

Leave a comment