CVE-2022-41859

Published January 17th, 2023

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

In freeradius, the EAP-PWD function compute_password_element() leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack.

FreeRADIUS/freeradius-server

FreeRADIUS - A multi-protocol policy server.

GitHub

2.53K