[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2017-13080Date: (C)2017-10-17   (M)2024-03-21


Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.3CVSS Score : 2.9
Exploit Score: 1.6Exploit Score: 5.5
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: ADJACENT_NETWORKAccess Vector: ADJACENT_NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: NONE
Integrity: HIGH 
Availability: NONE 
  
Reference:
BID-101274
SECTRACK-1039572
SECTRACK-1039573
SECTRACK-1039576
SECTRACK-1039577
SECTRACK-1039578
SECTRACK-1039581
SECTRACK-1039585
SECTRACK-1039703
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
DSA-3999
FreeBSD-SA-17:07
GLSA-201711-03
RHSA-2017:2907
RHSA-2017:2911
SUSE-SU-2017:2745
SUSE-SU-2017:2752
USN-3455-1
VU#228519
https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html
https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
https://access.redhat.com/security/vulnerabilities/kracks
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-003
https://cert.vde.com/en-us/advisories/vde-2017-005
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
https://source.android.com/security/bulletin/2017-11-01
https://support.apple.com/HT208219
https://support.apple.com/HT208220
https://support.apple.com/HT208221
https://support.apple.com/HT208222
https://support.apple.com/HT208325
https://support.apple.com/HT208327
https://support.apple.com/HT208334
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
https://support.lenovo.com/us/en/product_security/LEN-17420
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
https://www.krackattacks.com/
openSUSE-SU-2017:2755

CPE    20
cpe:/o:debian:debian_linux:9.0
cpe:/a:w1.fi:hostapd:0.2.4
cpe:/a:w1.fi:wpa_supplicant:1.1
cpe:/o:freebsd:freebsd
...
CWE    1
CWE-330
OVAL    43
oval:org.secpod.oval:def:204574
oval:org.secpod.oval:def:89044705
oval:org.secpod.oval:def:89044577
oval:org.secpod.oval:def:89044750
...

© SecPod Technologies