CVE-2017-13080
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
74.4%
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 16.04 | cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 17.04 | cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:* |
| debian | debian_linux | 8.0 | cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* |
| debian | debian_linux | 9.0 | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* |
| freebsd | freebsd | * | cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:* |
| freebsd | freebsd | 10 | cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:* |
| freebsd | freebsd | 10.4 | cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:* |
| freebsd | freebsd | 11 | cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:* |
| freebsd | freebsd | 11.1 | cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html
lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html
www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt
www.debian.org/security/2017/dsa-3999
www.kb.cert.org/vuls/id/228519
www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
www.securityfocus.com/bid/101274
www.securitytracker.com/id/1039572
www.securitytracker.com/id/1039573
www.securitytracker.com/id/1039576
www.securitytracker.com/id/1039577
www.securitytracker.com/id/1039578
www.securitytracker.com/id/1039581
www.securitytracker.com/id/1039585
www.securitytracker.com/id/1039703
www.ubuntu.com/usn/USN-3455-1
access.redhat.com/errata/RHSA-2017:2907
access.redhat.com/errata/RHSA-2017:2911
access.redhat.com/security/vulnerabilities/kracks
cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
cert.vde.com/en-us/advisories/vde-2017-003
cert.vde.com/en-us/advisories/vde-2017-005
lists.debian.org/debian-lts-announce/2017/12/msg00004.html
lists.debian.org/debian-lts-announce/2018/11/msg00015.html
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc
security.gentoo.org/glsa/201711-03
source.android.com/security/bulletin/2017-11-01
support.apple.com/HT208219
support.apple.com/HT208220
support.apple.com/HT208221
support.apple.com/HT208222
support.apple.com/HT208325
support.apple.com/HT208327
support.apple.com/HT208334
support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us
support.lenovo.com/us/en/product_security/LEN-17420
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
www.krackattacks.com/
Related
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:M/Au:N/C:N/I:P/A:N
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
74.4%