Lucene search

K
nvd[email protected]NVD:CVE-2017-13078
HistoryOct 17, 2017 - 1:29 p.m.

CVE-2017-13078

2017-10-1713:29:00
CWE-330
CWE-323
web.nvd.nist.gov
10
cve-2017-13078 wi-fi protected access gtk four-way handshake

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

51.9%

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch16.04lts
OR
canonicalubuntu_linuxMatch17.04
OR
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
freebsdfreebsd
OR
freebsdfreebsdMatch10
OR
freebsdfreebsdMatch10.4
OR
freebsdfreebsdMatch11
OR
freebsdfreebsdMatch11.1
OR
opensuseleapMatch42.2
OR
opensuseleapMatch42.3
OR
redhatenterprise_linux_desktopMatch7
OR
redhatenterprise_linux_serverMatch7
Node
w1.fihostapdMatch0.2.4
OR
w1.fihostapdMatch0.2.5
OR
w1.fihostapdMatch0.2.6
OR
w1.fihostapdMatch0.2.8
OR
w1.fihostapdMatch0.3.7
OR
w1.fihostapdMatch0.3.9
OR
w1.fihostapdMatch0.3.10
OR
w1.fihostapdMatch0.3.11
OR
w1.fihostapdMatch0.4.7
OR
w1.fihostapdMatch0.4.8
OR
w1.fihostapdMatch0.4.9
OR
w1.fihostapdMatch0.4.10
OR
w1.fihostapdMatch0.4.11
OR
w1.fihostapdMatch0.5.7
OR
w1.fihostapdMatch0.5.8
OR
w1.fihostapdMatch0.5.9
OR
w1.fihostapdMatch0.5.10
OR
w1.fihostapdMatch0.5.11
OR
w1.fihostapdMatch0.6.8
OR
w1.fihostapdMatch0.6.9
OR
w1.fihostapdMatch0.6.10
OR
w1.fihostapdMatch0.7.3
OR
w1.fihostapdMatch1.0
OR
w1.fihostapdMatch1.1
OR
w1.fihostapdMatch2.0
OR
w1.fihostapdMatch2.1
OR
w1.fihostapdMatch2.2
OR
w1.fihostapdMatch2.3
OR
w1.fihostapdMatch2.4
OR
w1.fihostapdMatch2.5
OR
w1.fihostapdMatch2.6
OR
w1.fiwpa_supplicantMatch0.2.4
OR
w1.fiwpa_supplicantMatch0.2.5
OR
w1.fiwpa_supplicantMatch0.2.6
OR
w1.fiwpa_supplicantMatch0.2.7
OR
w1.fiwpa_supplicantMatch0.2.8
OR
w1.fiwpa_supplicantMatch0.3.7
OR
w1.fiwpa_supplicantMatch0.3.8
OR
w1.fiwpa_supplicantMatch0.3.9
OR
w1.fiwpa_supplicantMatch0.3.10
OR
w1.fiwpa_supplicantMatch0.3.11
OR
w1.fiwpa_supplicantMatch0.4.7
OR
w1.fiwpa_supplicantMatch0.4.8
OR
w1.fiwpa_supplicantMatch0.4.9
OR
w1.fiwpa_supplicantMatch0.4.10
OR
w1.fiwpa_supplicantMatch0.4.11
OR
w1.fiwpa_supplicantMatch0.5.7
OR
w1.fiwpa_supplicantMatch0.5.8
OR
w1.fiwpa_supplicantMatch0.5.9
OR
w1.fiwpa_supplicantMatch0.5.10
OR
w1.fiwpa_supplicantMatch0.5.11
OR
w1.fiwpa_supplicantMatch0.6.8
OR
w1.fiwpa_supplicantMatch0.6.9
OR
w1.fiwpa_supplicantMatch0.6.10
OR
w1.fiwpa_supplicantMatch0.7.3
OR
w1.fiwpa_supplicantMatch1.0
OR
w1.fiwpa_supplicantMatch1.1
OR
w1.fiwpa_supplicantMatch2.0
OR
w1.fiwpa_supplicantMatch2.1
OR
w1.fiwpa_supplicantMatch2.2
OR
w1.fiwpa_supplicantMatch2.3
OR
w1.fiwpa_supplicantMatch2.4
OR
w1.fiwpa_supplicantMatch2.5
OR
w1.fiwpa_supplicantMatch2.6
Node
suselinux_enterprise_desktopMatch12sp2
OR
suselinux_enterprise_desktopMatch12sp3
OR
suselinux_enterprise_point_of_saleMatch11sp3
OR
suselinux_enterprise_serverMatch11sp3ltss
OR
suselinux_enterprise_serverMatch11sp4
OR
suselinux_enterprise_serverMatch12ltss
OR
suseopenstack_cloudMatch6
VendorProductVersionCPE
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonicalubuntu_linux17.04cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debiandebian_linux9.0cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
freebsdfreebsd*cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
freebsdfreebsd10cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*
freebsdfreebsd10.4cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*
freebsdfreebsd11cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*
freebsdfreebsd11.1cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 851

References

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

CVSS3

5.3

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

6.6

Confidence

High

EPSS

0.002

Percentile

51.9%