Lucene search

K
cveCertccCVE-2017-13077
HistoryOct 17, 2017 - 2:29 a.m.

CVE-2017-13077

2017-10-1702:29:00
CWE-330
certcc
web.nvd.nist.gov
249
cve-2017-13077
wi-fi
wpa
wpa2
vulnerability
key reinstallation
nvd

CVSS2

5.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

53.1%

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch17.04
OR
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
freebsdfreebsd
OR
freebsdfreebsdMatch10
OR
freebsdfreebsdMatch10.4
OR
freebsdfreebsdMatch11
OR
freebsdfreebsdMatch11.1
OR
opensuseleapMatch42.2
OR
opensuseleapMatch42.3
OR
redhatenterprise_linux_desktopMatch7
OR
redhatenterprise_linux_serverMatch7
Node
w1.fihostapdMatch0.2.4
OR
w1.fihostapdMatch0.2.5
OR
w1.fihostapdMatch0.2.6
OR
w1.fihostapdMatch0.2.8
OR
w1.fihostapdMatch0.3.7
OR
w1.fihostapdMatch0.3.9
OR
w1.fihostapdMatch0.3.10
OR
w1.fihostapdMatch0.3.11
OR
w1.fihostapdMatch0.4.7
OR
w1.fihostapdMatch0.4.8
OR
w1.fihostapdMatch0.4.9
OR
w1.fihostapdMatch0.4.10
OR
w1.fihostapdMatch0.4.11
OR
w1.fihostapdMatch0.5.7
OR
w1.fihostapdMatch0.5.8
OR
w1.fihostapdMatch0.5.9
OR
w1.fihostapdMatch0.5.10
OR
w1.fihostapdMatch0.5.11
OR
w1.fihostapdMatch0.6.8
OR
w1.fihostapdMatch0.6.9
OR
w1.fihostapdMatch0.6.10
OR
w1.fihostapdMatch0.7.3
OR
w1.fihostapdMatch1.0
OR
w1.fihostapdMatch1.1
OR
w1.fihostapdMatch2.0
OR
w1.fihostapdMatch2.1
OR
w1.fihostapdMatch2.2
OR
w1.fihostapdMatch2.3
OR
w1.fihostapdMatch2.4
OR
w1.fihostapdMatch2.5
OR
w1.fihostapdMatch2.6
OR
w1.fiwpa_supplicantMatch0.2.4
OR
w1.fiwpa_supplicantMatch0.2.5
OR
w1.fiwpa_supplicantMatch0.2.6
OR
w1.fiwpa_supplicantMatch0.2.7
OR
w1.fiwpa_supplicantMatch0.2.8
OR
w1.fiwpa_supplicantMatch0.3.7
OR
w1.fiwpa_supplicantMatch0.3.8
OR
w1.fiwpa_supplicantMatch0.3.9
OR
w1.fiwpa_supplicantMatch0.3.10
OR
w1.fiwpa_supplicantMatch0.3.11
OR
w1.fiwpa_supplicantMatch0.4.7
OR
w1.fiwpa_supplicantMatch0.4.8
OR
w1.fiwpa_supplicantMatch0.4.9
OR
w1.fiwpa_supplicantMatch0.4.10
OR
w1.fiwpa_supplicantMatch0.4.11
OR
w1.fiwpa_supplicantMatch0.5.7
OR
w1.fiwpa_supplicantMatch0.5.8
OR
w1.fiwpa_supplicantMatch0.5.9
OR
w1.fiwpa_supplicantMatch0.5.10
OR
w1.fiwpa_supplicantMatch0.5.11
OR
w1.fiwpa_supplicantMatch0.6.8
OR
w1.fiwpa_supplicantMatch0.6.9
OR
w1.fiwpa_supplicantMatch0.6.10
OR
w1.fiwpa_supplicantMatch0.7.3
OR
w1.fiwpa_supplicantMatch1.0
OR
w1.fiwpa_supplicantMatch1.1
OR
w1.fiwpa_supplicantMatch2.0
OR
w1.fiwpa_supplicantMatch2.1
OR
w1.fiwpa_supplicantMatch2.2
OR
w1.fiwpa_supplicantMatch2.3
OR
w1.fiwpa_supplicantMatch2.4
OR
w1.fiwpa_supplicantMatch2.5
OR
w1.fiwpa_supplicantMatch2.6
Node
suselinux_enterprise_desktopMatch12sp2
OR
suselinux_enterprise_desktopMatch12sp3
OR
suselinux_enterprise_point_of_saleMatch11sp3
OR
suselinux_enterprise_serverMatch11sp3ltss
OR
suselinux_enterprise_serverMatch11sp4
OR
suselinux_enterprise_serverMatch12ltss
OR
suseopenstack_cloudMatch6
VendorProductVersionCPE
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonicalubuntu_linux17.04cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
freebsdfreebsd*cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
freebsdfreebsd10cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
freebsdfreebsd10.4cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
freebsdfreebsd11cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
freebsdfreebsd11.1cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 851

CNA Affected

[
  {
    "product": "Wi-Fi Protected Access (WPA and WPA2)",
    "vendor": "Wi-Fi Alliance",
    "versions": [
      {
        "status": "affected",
        "version": "WPA"
      },
      {
        "status": "affected",
        "version": "WPA2"
      }
    ]
  }
]

References

CVSS2

5.4

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

53.1%