Lucene search

K
ubuntucveUbuntu.comUB:CVE-2017-13081
HistoryOct 16, 2017 - 12:00 a.m.

CVE-2017-13081

2017-10-1600:00:00
ubuntu.com
ubuntu.com
19

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS

0.002

Percentile

60.1%

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows
reinstallation of the Integrity Group Temporal Key (IGTK) during the group
key handshake, allowing an attacker within radio range to spoof frames from
access points to clients.

Bugs

Notes

Author Note
mdeslaur related to intel wireless firmware issue CVE-2017-5729

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H

EPSS

0.002

Percentile

60.1%