Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchhostapd< 2.6-r2UNKNOWN
Alpineedge-mainnoarchwpa_supplicant< 2.6-r7UNKNOWN
Alpine3.10-mainnoarchhostapd< 2.6-r2UNKNOWN
Alpine3.10-mainnoarchwpa_supplicant< 2.6-r7UNKNOWN
Alpine3.11-mainnoarchhostapd< 2.6-r2UNKNOWN
Alpine3.11-mainnoarchwpa_supplicant< 2.6-r7UNKNOWN
Alpine3.12-mainnoarchhostapd< 2.6-r2UNKNOWN
Alpine3.12-mainnoarchwpa_supplicant< 2.6-r7UNKNOWN
Alpine3.13-mainnoarchhostapd< 2.6-r2UNKNOWN
Alpine3.13-mainnoarchwpa_supplicant< 2.6-r7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-main	noarch	hostapd	< 2.6-r2	UNKNOWN
Alpine	edge-main	noarch	wpa_supplicant	< 2.6-r7	UNKNOWN
Alpine	3.10-main	noarch	hostapd	< 2.6-r2	UNKNOWN
Alpine	3.10-main	noarch	wpa_supplicant	< 2.6-r7	UNKNOWN
Alpine	3.11-main	noarch	hostapd	< 2.6-r2	UNKNOWN
Alpine	3.11-main	noarch	wpa_supplicant	< 2.6-r7	UNKNOWN
Alpine	3.12-main	noarch	hostapd	< 2.6-r2	UNKNOWN
Alpine	3.12-main	noarch	wpa_supplicant	< 2.6-r7	UNKNOWN
Alpine	3.13-main	noarch	hostapd	< 2.6-r2	UNKNOWN
Alpine	3.13-main	noarch	wpa_supplicant	< 2.6-r7	UNKNOWN

Rows per page:

1-10 of 321

hp 3

ubuntucve 1

nessus 43

cve 1

mskb 1

debiancve 1

osv 4

prion 1

veracode 1

apple 14

openvas 31

ics 11

centos 2

redhat 2

mageia 2

chrome 1

oraclelinux 2

fedora 6

ibm 1

archlinux 2

debian 3

freebsd_advisory 1

nvidia 1

redhatcve 1

hackerone 1

fortinet 1

slackware 1

intel 1

thn 1

f5 1

cisco 1

myhack58 1

huawei 1

gentoo 1

freebsd 1

lenovo 2

ubuntu 1

cert 1

suse 2

oracle 2

HPSBHF03571 rev. 6 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability

2017-11-22 00:00:00

HP Printing Security Advisory - KRACK Attacks Potential Vulnerabilities

2018-01-09 00:00:00

HPSBPI03574 rev. 2 - WPA, WPA2 Key Reinstallation Attacks (KRACK attacks) Potential Remote Disclosure of Information: Certain HP Enterprise Printer and MFP products, Certain HP PageWide Printer and MFP Products, HP Jetdirect Accessory Products

2018-01-12 00:00:00

ubuntucve

CVE-2017-13077

2017-10-16 00:00:00

nessus

Fedora 25 : hostapd (2017-cfb950d8f4) (KRACK)

2017-11-16 00:00:00

Fedora 26 : hostapd (2017-45044b6b33) (KRACK)

2017-11-16 00:00:00

Fedora 27 : hostapd (2017-fc21e3856b) (KRACK)

2018-01-15 00:00:00

cve

CVE-2017-13077

2017-10-17 02:29:00

mskb

Description of the security update for the Windows Wireless WPA pairwise encryption key reinstallation vulnerability in WES09 and POSReady 2009: March 13, 2018

2018-03-12 00:00:00

debiancve

CVE-2017-13077

2017-10-17 02:29:00

osv

CVE-2017-13077

2017-10-17 02:29:00

firmware-nonfree - security update

2018-11-10 00:00:00

wpa - security update

2017-10-31 00:00:00

prion

Design/Logic Flaw

2017-10-17 02:29:00

veracode

Key Reinstallation Attack (KRACK)

2019-01-15 09:19:52

apple

About the security content of AirPort Base Station Firmware Update 7.6.9

2017-12-12 00:00:00

About the security content of Wi-Fi Update for Boot Camp 6.4.0

2018-07-05 00:00:00

About the security content of AirPort Base Station Firmware Update 7.6.9 - Apple Support

2017-12-12 09:19:14

openvas

Intel Active Management Technology WPA2 Key Reinstallation Vulnerabilities - KRACK

2017-10-19 00:00:00

RedHat Update for wpa_supplicant RHSA-2017:2911-01

2017-10-20 00:00:00

CentOS Update for wpa_supplicant CESA-2017:2911 centos6

2017-10-20 00:00:00

ics

PHOENIX CONTACT WLAN Capable Devices using the WPA2 Protocol

2017-11-21 12:00:00

Stryker Medical Beds

2019-01-29 12:00:00

PEPPERL+FUCHS/ecom instruments WLAN Capable Devices using the WPA2 Protocol

2017-12-19 12:00:00

centos

wpa_supplicant security update

2017-10-18 16:57:30

wpa_supplicant security update

2017-10-17 21:54:54

redhat

(RHSA-2017:2911) Important: wpa_supplicant security update

2017-10-18 15:43:19

(RHSA-2017:2907) Important: wpa_supplicant security update

2017-10-17 20:14:23

mageia

Updated nonfree firmware packages fixes security vulnerabilities

2018-07-25 11:24:17

Updated wpa_supplicant and hostapd packages fix security vulnerabilities

2017-10-19 21:14:02

chrome

Stable Channel Update for Chrome OS

2017-10-27 00:00:00

oraclelinux

wpa_supplicant security update

2017-10-18 00:00:00

wpa_supplicant security update

2017-10-17 00:00:00

fedora

[SECURITY] Fedora 27 Update: hostapd-2.6-6.fc27

2017-11-15 17:59:04

[SECURITY] Fedora 25 Update: hostapd-2.6-6.fc25

2017-11-15 22:30:40

[SECURITY] Fedora 26 Update: hostapd-2.6-6.fc26

2017-11-15 20:23:27

ibm

Security Bulletin: Vulnerabilities in wpa_supplicant affect PowerKVM (KRACK)

2018-06-18 01:39:24

archlinux

[ASA-201710-23] hostapd: man-in-the-middle

2017-10-16 00:00:00

[ASA-201710-22] wpa_supplicant: man-in-the-middle

2017-10-16 00:00:00

debian

[SECURITY] [DLA 1573-1] firmware-nonfree security update

2018-11-13 01:33:10

[SECURITY] [DSA 3999-1] wpa security update

2017-10-16 09:20:15

[SECURITY] [DLA 1150-1] wpa security update

2017-10-31 14:48:26

freebsd_advisory

FreeBSD-SA-17:07.wpa

2017-10-17 00:00:00

nvidia

Security Bulletin: NVIDIA Linux for Tegra (L4T) “KRACK” vulnerabilities

2017-12-20 00:00:00

redhatcve

CVE-2017-13077

2019-10-08 10:15:50

hackerone

Internet Bug Bounty: Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse

2017-11-02 22:08:43

fortinet

Key Reinstallation Attacks: Cryptographic/protocol attack against WPA2

2017-10-16 00:00:00

slackware

[slackware-security] wpa_supplicant

2017-10-18 19:36:09

intel

One or more Intel Products affected by the Wi-Fi Protected Access II (WPA2) protocol vulnerability

2017-12-07 00:00:00

thn

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

2017-10-15 23:21:00

K23642330 : Multiple WPA2 vulnerabilities (KRACK)

2017-10-17 00:00:00

cisco

Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II

2017-10-16 14:00:00

myhack58

KRACK: WPA2 series of vulnerabilities in the event of early warning-vulnerability warning-the black bar safety net

2017-10-18 00:00:00

huawei

Security Advisory - Multiple Vulnerabilities of WPA and WPA2 Protocol in Some Huawei Products

2017-11-17 00:00:00

gentoo

hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks

2017-11-10 00:00:00

freebsd

WPA packet number reuse with replayed messages and key reinstallation

2017-10-16 00:00:00

lenovo

WPA2 Protocol Vulnerabilities - US

2018-12-18 15:12:07

WPA2 Protocol Vulnerabilities - Lenovo Support US

2018-12-18 15:12:07

ubuntu

wpa_supplicant and hostapd vulnerabilities

2017-10-16 00:00:00

cert

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

2017-10-16 00:00:00

suse

Security update for wpa_supplicant (moderate)

2020-11-26 00:00:00

Security update for wpa_supplicant (moderate)

2020-11-27 00:00:00

oracle

Oracle Critical Patch Update - April 2018

2018-04-17 00:00:00

Oracle Critical Patch Update - January 2018

2018-01-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

6.8 Medium

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.4 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.4%

JSON

Related for ALPINE:CVE-2017-13077