CVE-2017-13082

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVSS v3 8.1 HIGH
CVSS v2.0 5.8 MEDIUM

8.1^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability : 2.8 / Impact : 5.2

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 6.5 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00021.html
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt	Third Party Advisory
http://www.debian.org/security/2017/dsa-3999	Third Party Advisory
http://www.kb.cert.org/vuls/id/228519	Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.securityfocus.com/bid/101274	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039570	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039571	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039573	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039581	Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3455-1	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2907	Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracks	Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://github.com/vanhoefm/krackattacks-test-ap-ft	Exploit Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-299-02
https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc	Third Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.lenovo.com/us/en/product_security/LEN-17420	Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa	Third Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	Third Party Advisory
https://www.krackattacks.com/	Technical Description Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:17.04:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:freebsd:freebsd::::::::
	cpe:2.3:o:freebsd:freebsd:10:::::::*
	cpe:2.3:o:freebsd:freebsd:10.4:::::::*
	cpe:2.3:o:freebsd:freebsd:11:::::::*
	cpe:2.3:o:freebsd:freebsd:11.1:::::::*
	cpe:2.3:o:opensuse:leap:42.2:::::::*
	cpe:2.3:o:opensuse:leap:42.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:w1.fi:hostapd:0.2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.6:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.2.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.3.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.4.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.7:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.5.11:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.8:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.9:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.6.10:::::::*
	cpe:2.3:a:w1.fi:hostapd:0.7.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:1.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.0:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.1:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.2:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.3:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.4:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.5:::::::*
	cpe:2.3:a:w1.fi:hostapd:2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:1.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.0:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.1:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.2:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.3:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.4:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.5:::::::*
	cpe:2.3:a:w1.fi:wpa_supplicant:2.6:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::ltss::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp4::::::
	cpe:2.3:o:suse:linux_enterprise_server:12::::ltss:::
	cpe:2.3:o:suse:openstack_cloud:6:::::::*

History

No history.

Information

Published : 2017-10-17 13:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-13082

Mitre link : CVE-2017-13082

CVE.ORG link : CVE-2017-13082

JSON object : View

Products Affected

w1.fi

wpa_supplicant
hostapd

redhat

enterprise_linux_desktop
enterprise_linux_server

suse

openstack_cloud
linux_enterprise_point_of_sale
linux_enterprise_desktop
linux_enterprise_server

opensuse

leap

freebsd

freebsd

debian

debian_linux

canonical

ubuntu_linux

CWE

CWE-330

Use of Insufficiently Random Values

CWE-323

Reusing a Nonce, Key Pair in Encryption

8.1 /10