CVE-2020-10754

Summary

It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely.

Affected Software

VendorProductVersion RangeStatus
[Red Hat]NetworkManager1.24.2affected

Weaknesses

  • CWE-287: CWE-287
  • CWE-306: CWE-306

ADP Enrichment

CVE Program Container

Additional References

References