CVE-2017-13080 Information

Feb 14, 2021 cve

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake allowing an attacker within radio range to replay frames from access points to clients.

CVSS Vector

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Reference

http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt http://www.debian.org/security/2017/dsa-3999 http://www.kb.cert.org/vuls/id/228519 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/101274 http://www.securitytracker.com/id/1039572 http://www.securitytracker.com/id/1039573 http://www.securitytracker.com/id/1039576 http://www.securitytracker.com/id/1039577 http://www.securitytracker.com/id/1039578 http://www.securitytracker.com/id/1039581 http://www.securitytracker.com/id/1039585 http://www.securitytracker.com/id/1039703 http://www.ubuntu.com/usn/USN-3455-1 https://access.redhat.com/errata/RHSA-2017:2907 https://access.redhat.com/errata/RHSA-2017:2911 https://access.redhat.com/security/vulnerabilities/kracks https://cert.vde.com/en-us/advisories/vde-2017-003 https://cert.vde.com/en-us/advisories/vde-2017-005 https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080 https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc https://security.gentoo.org/glsa/201711-03 https://source.android.com/security/bulletin/2017-11-01 https://support.apple.com/HT208219 https://support.apple.com/HT208220 https://support.apple.com/HT208221 https://support.apple.com/HT208222 https://support.apple.com/HT208325 https://support.apple.com/HT208327 https://support.apple.com/HT208334 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us https://support.lenovo.com/us/en/product_security/LEN-17420 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html https://www.krackattacks.com/

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.3

Share on: