VDE-2019-005 - Vulnerability-Lookup

VDE-2019-005

Vulnerability from csaf_endresshauserag - Published: 2019-03-19 15:34 - Updated: 2019-03-19 15:34

Summary

Endress+Hauser: WIFI enabled products utilising WPA2

Notes

Summary: Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection. The Field Xpert SFX370 and SFX350 handhelds are manufactured by Pepperl+Fuchs/ecom instruments for Endress+Hauser. The Advisory for Pepperl+Fuchs/ecom instruments can be found here: VDE-2017-005

Impact: The devices are in theory attackable by replay, decryption and faking of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note if WPA-TKIP is used instead of AES-CCMP, an attacker can easily fake and inject packets directly into the WIFI.

Remediation: For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13077

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13078

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13080

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13079

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13081

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13082

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

8.1 (High)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13086

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

6.8 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13087

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

CVE-2017-13088

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

5.3 (Medium)


                        
                          CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-330 - Use of Insufficiently Random Values

Vendor Fix For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft. Intermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB To obtain this patch, please contact your local Endress+Hauser representative. If you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately. For Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version. As a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment. Note: This advisory will be updated as further details and/or software updates become available.

References

URL

Category

	https://certvde.com/en/advisories/VDE-2019-005/	self
	https://endress-hauser.csaf-tp.certvde.com/.well-…	self
	https://www.endress.com	external
	https://certvde.com/en/advisories/vendor/endress-…	external

Acknowledgments

CERT@VDE certvde.com

krack attacks KU Leuven www.krackattacks.com/

imec-DistriNet Mathy Vanhoef

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination",
        "urls": [
          "https://certvde.com"
        ]
      },
      {
        "names": [
          "KU Leuven"
        ],
        "organization": "krack attacks",
        "summary": "reporting",
        "urls": [
          "https://www.krackattacks.com/"
        ]
      },
      {
        "names": [
          "Mathy Vanhoef"
        ],
        "organization": "imec-DistriNet ",
        "summary": "reporting"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection.\nThe Field Xpert SFX370 and SFX350 handhelds are manufactured by Pepperl+Fuchs/ecom instruments for Endress+Hauser.\nThe Advisory for Pepperl+Fuchs/ecom instruments can be found here: VDE-2017-005",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The devices are in theory attackable by replay, decryption and faking of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note if WPA-TKIP is used instead of AES-CCMP, an attacker can easily fake and inject packets directly into the WIFI.",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
        "title": "Remediation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@endress.com",
      "name": "Endress+Hauser AG",
      "namespace": "https://www.endress.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2019-005: Endress+Hauser: WIFI enabled products utilising WPA2 - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2019-005/"
      },
      {
        "category": "self",
        "summary": "VDE-2019-005: Endress+Hauser: WIFI enabled products utilising WPA2 - CSAF",
        "url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2019/vde-2019-005.json"
      },
      {
        "category": "external",
        "summary": "Vendor PSIRT",
        "url": "https://www.endress.com"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for Endress+Hauser AG",
        "url": "https://certvde.com/en/advisories/vendor/endress-hauser/"
      }
    ],
    "title": "Endress+Hauser: WIFI enabled products utilising WPA2",
    "tracking": {
      "aliases": [
        "VDE-2019-005"
      ],
      "current_release_date": "2019-03-19T15:34:00.000Z",
      "generator": {
        "date": "2025-05-26T13:13:31.733Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.26"
        }
      },
      "id": "VDE-2019-005",
      "initial_release_date": "2019-03-19T15:34:00.000Z",
      "revision_history": [
        {
          "date": "2019-03-19T15:34:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "Field Xpert SFX350 vers:all/*",
                      "product_id": "CSAFPID-11001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Field Xpert SFX350"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "Field Xpert SFX370 vers:all/*",
                      "product_id": "CSAFPID-11002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Field Xpert SFX370"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "Field Xpert SMT70 vers:all/*",
                      "product_id": "CSAFPID-11003"
                    }
                  }
                ],
                "category": "product_name",
                "name": "Field Xpert SMT70"
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          }
        ],
        "category": "vendor",
        "name": "Vendor"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ],
        "summary": "Affected products."
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-13077",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.8,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13077"
    },
    {
      "cve": "CVE-2017-13078",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13078"
    },
    {
      "cve": "CVE-2017-13080",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13080"
    },
    {
      "cve": "CVE-2017-13079",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13079"
    },
    {
      "cve": "CVE-2017-13081",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13081"
    },
    {
      "cve": "CVE-2017-13082",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.1,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 8.1,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13082"
    },
    {
      "cve": "CVE-2017-13086",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.8,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.8,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13086"
    },
    {
      "cve": "CVE-2017-13087",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13087"
    },
    {
      "cve": "CVE-2017-13088",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-11001",
          "CSAFPID-11002",
          "CSAFPID-11003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalScore": 5.3,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 5.3,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-11001",
            "CSAFPID-11002",
            "CSAFPID-11003"
          ]
        }
      ],
      "title": "CVE-2017-13088"
    }
  ]
}

CVE-2017-13088 (GCVE-0-2017-13088)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-18T12:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13088",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13088",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.471Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13078 (GCVE-0-2017-13078)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	https://support.apple.com/HT208221	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://support.apple.com/HT208222	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://support.apple.com/HT208220	x_refsource_CONFIRM
	https://support.apple.com/HT208219	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13078",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13078",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13087 (GCVE-0-2017-13087)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-16T13:57:02.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13087",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13087",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13080 (GCVE-0-2017-13080)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	https://support.apple.com/HT208221	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://lists.debian.org/debian-lts-announce/2017…	mailing-listx_refsource_MLIST
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	https://support.apple.com/HT208327	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://support.apple.com/HT208325	x_refsource_CONFIRM
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1039572	vdb-entryx_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://support.apple.com/HT208222	x_refsource_CONFIRM
	https://support.apple.com/HT208334	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://support.apple.com/HT208220	x_refsource_CONFIRM
	https://support.apple.com/HT208219	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039703	vdb-entryx_refsource_SECTRACK
	https://portal.msrc.microsoft.com/en-US/security-…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU
	https://www.intel.com/content/www/us/en/security-…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.283Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208327"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208325"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "name": "1039572",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039572"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208334"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "1039703",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-10T20:06:15.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208327"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208325"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "name": "1039572",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039572"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208334"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "1039703",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13080",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "https://support.apple.com/HT208327",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208327"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://support.apple.com/HT208325",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208325"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "1039572",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039572"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://support.apple.com/HT208334",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208334"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "1039703",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039703"
            },
            {
              "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
              "refsource": "CONFIRM",
              "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            },
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13080",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.283Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13082 (GCVE-0-2017-13082)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	https://rockwellautomation.custhelp.com/app/answe…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039571	vdb-entryx_refsource_SECTRACK
	https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02	x_refsource_MISC
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	http://www.securitytracker.com/id/1039570	vdb-entryx_refsource_SECTRACK
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://github.com/vanhoefm/krackattacks-test-ap-ft	x_refsource_MISC
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.560Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039571",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039571"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "name": "1039570",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039570"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          },
          {
            "name": "openSUSE-SU-2020:0222",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-16T00:06:11.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039571",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039571"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "name": "1039570",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039570"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        },
        {
          "name": "openSUSE-SU-2020:0222",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13082",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697",
              "refsource": "CONFIRM",
              "url": "https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039571",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039571"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "1039570",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039570"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://github.com/vanhoefm/krackattacks-test-ap-ft",
              "refsource": "MISC",
              "url": "https://github.com/vanhoefm/krackattacks-test-ap-ft"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            },
            {
              "name": "openSUSE-SU-2020:0222",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13082",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.560Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13086 (GCVE-0-2017-13086)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.219Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-05-16T13:57:02.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13086",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13086",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13081 (GCVE-0-2017-13081)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.441Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13081",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13081",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.441Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13079 (GCVE-0-2017-13079)

Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Severity ?

No CVSS data available.

CWE

CWE-323 - Reusing a Nonce, Key Pair in Encryption

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.231Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "SUSE-SU-2017:2745",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "name": "openSUSE-SU-2017:2755",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "SUSE-SU-2017:2752",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-323",
              "description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "SUSE-SU-2017:2745",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "name": "openSUSE-SU-2017:2755",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "SUSE-SU-2017:2752",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13079",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "SUSE-SU-2017:2745",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "openSUSE-SU-2017:2755",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "SUSE-SU-2017:2752",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13079",
    "datePublished": "2017-10-17T13:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.231Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-13077 (GCVE-0-2017-13077)

Vulnerability from cvelistv5 – Published: 2017-10-17 02:00 – Updated: 2024-08-05 18:58

Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

certcc

References

URL

Tags

	http://www.securitytracker.com/id/1039581	vdb-entryx_refsource_SECTRACK
	https://support.apple.com/HT208221	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101274	vdb-entryx_refsource_BID
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3999	vendor-advisoryx_refsource_DEBIAN
	http://www.securitytracker.com/id/1039578	vdb-entryx_refsource_SECTRACK
	https://access.redhat.com/security/vulnerabilitie…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1041432	vdb-entryx_refsource_SECTRACK
	https://source.android.com/security/bulletin/2018-04-01	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisoryx_refsource_REDHAT
	https://w1.fi/security/2017-1/wpa-packet-number-r…	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-P…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entryx_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?d…	x_refsource_CONFIRM
	https://support.apple.com/HT208222	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisoryx_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisoryx_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-S…	vendor-advisoryx_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039573	vdb-entryx_refsource_SECTRACK
	http://www.securitytracker.com/id/1039576	vdb-entryx_refsource_SECTRACK
	https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039585	vdb-entryx_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisoryx_refsource_CERT-VN
	https://support.apple.com/HT208220	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2018-06-01	x_refsource_CONFIRM
	https://support.apple.com/HT208219	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/s…	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Affected: WPA Affected: WPA2

Date Public ?

2017-10-16 00:00

Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T18:58:12.291Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1039581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039581"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208221"
          },
          {
            "name": "101274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "DSA-3999",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3999"
          },
          {
            "name": "1039578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039578"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/vulnerabilities/kracks"
          },
          {
            "name": "1041432",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041432"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2018-04-01"
          },
          {
            "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
          },
          {
            "name": "RHSA-2017:2911",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2911"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
          },
          {
            "name": "1039577",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039577"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2017-11-01"
          },
          {
            "name": "GLSA-201711-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201711-03"
          },
          {
            "name": "RHSA-2017:2907",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2907"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
          },
          {
            "name": "FreeBSD-SA-17:07",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.krackattacks.com/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "1039573",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039573"
          },
          {
            "name": "1039576",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039576"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
          },
          {
            "name": "1039585",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039585"
          },
          {
            "name": "VU#228519",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/228519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208220"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://source.android.com/security/bulletin/2018-06-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/HT208219"
          },
          {
            "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
          },
          {
            "name": "USN-3455-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3455-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Wi-Fi Protected Access (WPA and WPA2)",
          "vendor": "Wi-Fi Alliance",
          "versions": [
            {
              "status": "affected",
              "version": "WPA"
            },
            {
              "status": "affected",
              "version": "WPA2"
            }
          ]
        }
      ],
      "datePublic": "2017-10-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-13T10:57:01.000Z",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1039581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039581"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208221"
        },
        {
          "name": "101274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "DSA-3999",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3999"
        },
        {
          "name": "1039578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039578"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/vulnerabilities/kracks"
        },
        {
          "name": "1041432",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041432"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2018-04-01"
        },
        {
          "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
        },
        {
          "name": "RHSA-2017:2911",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2911"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
        },
        {
          "name": "1039577",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039577"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2017-11-01"
        },
        {
          "name": "GLSA-201711-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201711-03"
        },
        {
          "name": "RHSA-2017:2907",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2907"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
        },
        {
          "name": "FreeBSD-SA-17:07",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.krackattacks.com/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
        },
        {
          "name": "1039573",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039573"
        },
        {
          "name": "1039576",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039576"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
        },
        {
          "name": "1039585",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039585"
        },
        {
          "name": "VU#228519",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/228519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208220"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://source.android.com/security/bulletin/2018-06-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/HT208219"
        },
        {
          "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
        },
        {
          "name": "USN-3455-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3455-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2017-13077",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Wi-Fi Protected Access (WPA and WPA2)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "WPA"
                          },
                          {
                            "version_value": "WPA2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Wi-Fi Alliance"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1039581",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039581"
            },
            {
              "name": "https://support.apple.com/HT208221",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208221"
            },
            {
              "name": "101274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101274"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "DSA-3999",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3999"
            },
            {
              "name": "1039578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039578"
            },
            {
              "name": "https://access.redhat.com/security/vulnerabilities/kracks",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/vulnerabilities/kracks"
            },
            {
              "name": "1041432",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041432"
            },
            {
              "name": "https://source.android.com/security/bulletin/2018-04-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2018-04-01"
            },
            {
              "name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
            },
            {
              "name": "RHSA-2017:2911",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2911"
            },
            {
              "name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
              "refsource": "MISC",
              "url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
            },
            {
              "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
              "refsource": "CONFIRM",
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
            },
            {
              "name": "1039577",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039577"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us",
              "refsource": "CONFIRM",
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03792en_us"
            },
            {
              "name": "https://support.apple.com/HT208222",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208222"
            },
            {
              "name": "https://source.android.com/security/bulletin/2017-11-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2017-11-01"
            },
            {
              "name": "GLSA-201711-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201711-03"
            },
            {
              "name": "RHSA-2017:2907",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2907"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
            },
            {
              "name": "FreeBSD-SA-17:07",
              "refsource": "FREEBSD",
              "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
            },
            {
              "name": "https://www.krackattacks.com/",
              "refsource": "MISC",
              "url": "https://www.krackattacks.com/"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "1039573",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039573"
            },
            {
              "name": "1039576",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039576"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-003",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-003"
            },
            {
              "name": "1039585",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039585"
            },
            {
              "name": "VU#228519",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/228519"
            },
            {
              "name": "https://support.apple.com/HT208220",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208220"
            },
            {
              "name": "https://source.android.com/security/bulletin/2018-06-01",
              "refsource": "CONFIRM",
              "url": "https://source.android.com/security/bulletin/2018-06-01"
            },
            {
              "name": "https://support.apple.com/HT208219",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/HT208219"
            },
            {
              "name": "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
            },
            {
              "name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
            },
            {
              "name": "USN-3455-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3455-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2017-13077",
    "datePublished": "2017-10-17T02:00:00.000Z",
    "dateReserved": "2017-08-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T18:58:12.291Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.